Woburn, Mass. – October 10, 2017 – According to Kaspersky Lab research, Distributed Denial of Service (DDoS) attacks are on the rise, with over a third (33%) of organizations facing a DDoS attack in 2017, compared to just 17 percent in 2016. This rapid development in the cyber threat landscape means that all businesses – regardless of size – are at risk of experiencing a DDoS attack.
According to Kaspersky Lab’s Global IT Security Risks Survey 2017*, 50 percent of businesses claim that the frequency and complexity of DDoS attacks targeting organizations like theirs is growing every year. Indeed, 33 percent of organizations experienced an attack in 2017 – double the amount in 2016, which demonstrates the importance of increased awareness and protection against DDoS attacks.
Of those affected, 20 percent were very small businesses, 33 percent were SMBs and 41 percent were enterprises, further proving that organizations of all sizes are at risk. Although figures for this year show that companies are more likely to experience just one attack, 82 percent of organizations faced more than one DDoS attack in 2016, and this year, 76 percent faced at least one attack.
Cybercriminals are increasingly using DDoS attacks as a way to gain access to valuable and lucrative corporate data, and not just to cripple a victim’s services. The consequences of an attack are no less severe, resulting in significant business disruption. Of the organizations that have been hit by DDoS attacks, 26 percent reported a significant decrease in performance of services and 14 percent said there was a failure of transactions and processes on affected services.
In addition to causing immediate and visible operational issues, many companies also claim that DDoS attacks are being used to cover up other types of incidents, leading to severe financial and reputational damage. In the first half of 2017, over half of respondents affected by a DDoS attack (53%) claimed that it was used as a smokescreen. Half (50%) reported that the attack hid a malware infection; 49 percent said that it masked a data leak or theft; and 42 percent said that the DDoS attack was used to cover up a network intrusion or hacking. Another 26 percent of businesses reported that the attack was hiding financial theft.
“The threat of being hit by a DDoS attack – either standalone or as part of a greater attack arsenal – is showing no signs of diminishing,” said Kirill Ilganaev, head of Kaspersky DDoS protection at Kaspersky Lab. “It’s not a case of if an organization will be hit, but when. With the problem growing and affecting every type and size of company, it is important for organizations to protect their IT infrastructure from being infiltrated and keep their data safe from attack. Working with the right partner will ensure that companies can cope with all levels and complexities of DDoS incident, as the attacks only continue to get stronger and more sophisticated.”
*The IT Security Risks research is an annual survey conducted by Kaspersky Lab in conjunction with B2B International. In 2017 we asked more than 5,200 representatives of small, medium (50 to 999) and large (1000+) businesses from 29 countries about their views on IT security and the real incidents that they have had to deal with.