News stories about major DDoS (Distributed Denial of Service) attacks have become so common that most of us just skim over them or skip reading them completely. Every year, new records are set for the “largest attack in history,” and with hackers offering to launch a small DDoS attack for as little as $100, even small companies and individuals can easily be targeted with crippling amounts of traffic that take down their websites.
But who is most at risk for being slammed with a DDoS, and therefore most in need of DDoS protection? According to a new report, it’s the world’s largest brands and organizations.
Fame Can Be Dangerous
Each year, U.S. tech company Neustar surveys more than 1,000 IT professionals to determine the status of DDoS protection and prevention worldwide. One of the key findings of their latest survey was that well-known global brands and organizations are the most likely to be targeted by attacks; almost three-quarters of those companies were the target of a DDoS attack during the year. And once hit, those organizations weren’t left alone, with four-fifths of them reporting that they were repeatedly attacked and half saying they suffered at least six DDoS blasts during the year.
How much is at stake for these global companies? Half report losing at least $100,000 per hour while suffering a DDoS during peak business hours, and a third say the cost is more than $250,000 per hour – and it takes them an average of three hours just to discover a DDoS attack and begin to fight it. That puts the minimum cost per attack at anywhere from half-a-million to a million dollars, even if the blast is mitigated quickly. That’s vastly higher than the cost of a DDoS attack to the average business, estimated by the CDN Incapsula to be $40,000 per hour for large businesses, much less for smaller ones.
The global brands also suffered in other ways; more than half say they lost customer data, financial data or intellectual property in a DDoS attack, and almost as many report that viruses or malware were installed on their machines during attacks.
DDoS protection is understandably becoming a priority for these companies. Three-quarters of them say they’re spending more this year on DDoS protection and mitigation than in the previous year, and nearly half have joined security consortiums so they can share data and strategies with other frequent targets.
You Don’t Have To Be Famous To Be Targeted
However, large global brands are far from the only targets of frequent DDoS attacks. The gaming industry is the most commonly attacked by hackers, suffering nearly 50% of all DDoS blasts each year. Software and tech companies are next in line, although they’re the most common targets of sophisticated application-layer DDoS attacks.
You might expect that the financial sector would make the top three, from all of the news stories published about major banks and lenders being hit. You’d be wrong, though; the third most popular target for DDoS attacks are colleges and universities, which are often hit by disgruntled students, former students or staff members.
This just goes to show that DDoS attacks don’t play favorites – and that anyone with a server installation or business dependent on Internet connectivity can’t afford to neglect DDoS protection in their IT strategy.