DDoS attacks a growing concern for UK, BT study shows

DDoS attacks are a growing concern for UK organisations, a study has revealed

Distributed denial of service (DDoS) attacks are a growing concern for UK organisations, according to a global study on disruptive cyber attacks commissioned by BT.

More than half of UK organisations polled said their systems had been taken down for more than six hours in the past year, according to the survey carried out by Vanson Bourne in May 2014.

The research reveals that 41% of organisations globally were hit by DDoS attacks in the past year, with more than three-quarters of those reporting two or more attacks.

More than a third of UK organisations see DDoS attacks as a key concern, compared with 58% of organisations globally.

The BT study examined the attitudes to and preparedness for DDoS attacks of IT managers from organisations in 11 countries and regions around the world.

It revealed that despite the growing concern over the attacks, only about half of UK organisations have a response plan in place.

And less than one in 10 UK decision-makers believe strongly they have sufficient resources in place to counteract an attack.

DDoS attacks can cause major disruption for organisations by making websites unavailable, overwhelming datacentres or making networks unusable.

Combating DDoS attacks

DDoS attacks are also increasingly becoming more complex and difficult for organisations to fend off, according to the survey report.

Nearly two-thirds of those polled agree that DDoS attacks are becoming more effective at subverting their organisation’s IT security measures.

Attackers are often adopting hybrid, or multi-vector, attack tactics, which involve attacks through multiple platforms. This type of attack has increased by 41% in the past year, the survey found.

Multi-vector attacks pose increased complexity and risk as they involve multiple attack methods deployed simultaneously.

These often require a dedicated mitigation team to track and combat the threat across multiple fronts, as automated systems are less likely to be able to offer adequate protection.

Earlier this month, a report warned that more needs to be done to reduce the number of Network Time Protocol (NTP) servers vulnerable to being abused to carry out DDoS attacks.

The number of vulnerable servers fell from 432,120 in December 2013 to 21,156 in March 2014, but there are still more than 17,000 vulnerable servers worldwide, according to the report by security firm NSFOCUS.

“DDoS attacks have evolved significantly in the past few years and are now a legitimate business concern,” said Mark Hughes, president of BT Security.

“They can have a damaging effect on revenues and send an organisation into full crisis mode,” he said.

DDoS attacks are costly

Hughes said organisations are also counting the cost of DDoS attacks in terms of damage to reputation, revenue and customer confidence in addition to the cost of recovering from attacks.

Almost a third of companies estimate losses to be more than £240,000 a day, according to the second annual UK DDoS report, published in May 2014 by communications firm Neustar.

Finance, e-commerce companies and retailers in particular suffer when their websites or businesses are targeted. Customer complaints increase an average of 36% after DDoS attacks, the BT survey revealed.

The impact that DDoS attacks can have on organisations is felt in the length of time it takes them to recover from their most severe attack, the survey report said.

On average, organisations take 12 hours to fully recover from an especially powerful attack – longer than an entire working day, the survey found.

“The most efficient way to protect against the attack is raising awareness among employees and partnering with a trusted and capable supplier,” said Hughes.

“At BT, we are working with leading global organisations to help them mitigate risks and put in place proactive defences,” he said.

DDoS attacks do not involve a breach of data, but are typically used by rivals for competitive advantage or by hacktivists to highlight a particular cause or issue.

Security researchers are also beginning to see that DDoS attacks are seldom one-off events, but rather precursors to further attacks and even smokescreens for other malicious activity.

Read more on Business continuity planning