DDoS attacks consistent, relentless and costly, report shows

The volume of distributed denial of service (DDoS) attacks remains consistently high and is causing real damage to organisations, a global report has revealed.

The use of DDoS attacks as “smokescreens” to distract targets from other malicious activities that result in additional compromise also remains prevalent, according to the latest report from communications and analysis firm Neustar.

The majority of DDoS attacks (53%) resulted in additional compromise, including viruses (46%), ransomware (15%) and other malware (37%), the report said.

The report, based on a survey of more than 1,000 information security professionals worldwide, coincides with warnings of a surge in DDoS attacks.

The warning follows the release of the Mirai botnet malware code that enables attackers to harness the bandwith of devices making up the internet of things (IoT) to deliver record strength DDoS attacks of up to one terabit or 1,000 gigabits per second (Gbps).

These IoT-based attacks are proof of the increasing threat and destructive nature of DDoS attacks, said Tom Pageler, chief security and risk officer at Neustar. 

The Neustar report notes that as unsecured IoT devices are hastily rolled out to meet market, the risk of IoT-based DDoS attacks is increasing as is the risk of being targeted by DDoS attacks.

Nearly two out of three respondents said they have adopted and are actively using IoT devices. The report notes that companies that have adopted and are using IoT devices have a higher probability of attack than organisations that are not using IoT devices.

In all, 82% of IoT adopters experienced an attack compared with just 58% of those who have not yet done so.

“As people continue to adopt IoT-connected devices, the number of botnets will only increase. With 73% of organisations reporting [that they had been targeted by] a DDoS attack, the margin for error when it comes to a bad defence is rapidly decreasing,” the report said.

The survey also revealed that 85% of attacked organisations were attacked more than once and 44% were attacked more than five times.

DDoS attacks are time-consuming and expensive, the report said, noting that it can take hours to detect and mitigate a DDoS attack at significant cost to the organisation.

The survey shows that 71% of organisations took an hour or more to detect a DDoS attack and 72% took an additional hour or more to respond to the attack.

Nearly half of surveyed organisations said they would lose $100,000 or more per hour of downtime during these attacks.

The report said while the majority of respondents (76%) are investing more in DDoS protection than they were a year ago, 53% are still using traditional firewalls, 47% using a cloud service provider and 36% are using an on-premise DDoS appliance combined with a DDoS mitigation service.

“Organisations should be concerned that DDoS attacks are growing increasingly sophisticated and relentless, frequently serving as the first stage of a multi-stage attack against an organisation’s infrastructure,” said Rodney Joffe, senior vice-president and senior technologist for Neustar.

“But there is a silver lining because, as public attention is driving urgency to improve DDoS protection capabilities, organisations are increasingly realising that having a DDoS mitigation solution in place is a requirement to keep your organisation protected when a DDoS attack occurs,” he said.