DDoS attacks are now one of the most common and affordable cyberweapons. They are used by unscrupulous competitors, sinister extortionists or just everyday cyber-vandals. More and more companies, regardless of their size or business, are encountering this threat. And, according to the results of a survey conducted by Kaspersky Lab and B2B International, the majority of companies believe that revenue and reputation losses are the most damaging consequences of a DDoS attack.
According to the figures, companies regard lost business opportunities – the loss of contracts or on-going operations that generate guaranteed income – as the most frightening consequence of a DDoS attack. 26% of companies that encountered DDoS attacks regarded this as the biggest risk.
Reputational risks (23%) are next, close behind lost opportunities. This also makes complete sense, since a negative customer or partner experience can drive away future contracts or sales. Losing current customers who could not access the anticipated service due to a DDoS attack was in third place: it was named by 19% of respondents. Technical issues were at the bottom of the pile: 17% of respondents identified a need to deploy back-up systems that would keep operations online as the most undesirable consequence, while 14% were most concerned about the costs of fighting the attack and restoring services.
Respondents from companies in different fields take different views of the consequences of DDoS attacks. For example, industrial and telecoms companies, as well as e-commerce and utilities &energy organizations, tend to rate reputational risks ahead of lost business opportunities. In the construction and engineering sector there is more concern about the cost of setting up back-up systems, perhaps because larger companies face higher expenditure on this kind of system.
“People who have not yet faced a particular threat often tend to underestimate it while those who have already experienced it understand which consequences might be the most damaging for them. However, it makes little sense to wait until the worst happens before acting – this can cost companies a lot, and not only in financial terms. That is why it is important to evaluate all possible risks in advance and take appropriate measures to protect against DDoS attacks”, said Evgeny Vigovsky, Head of Kaspersky DDoS Protection, Kaspersky Lab.
DDoS attacks on company resources are becoming a costly problem but only 37% of the organizations surveyed said they currently have measures in place to protect against them. This is an unnecessary oversight at a time when the IT security market can offer reliable and easy-to-deploy security solutions that are able to prevent loss of access to online services caused by a DDoS attack.