Neustar Survey Finds Most UK Companies ill-equipped to tackle costly DDoS Attacks
A third of UK companies surveyed estimated a loss of around £240,000 per day when hit with DDoS Attacks.
United Kingdom, 7th MAY 2014 – Neustar, a trusted, neutral provider of real-time information and analytics, has today announced findings from its second annual United Kingdom DDoS Attacks & Impact Report. 2014: The Danger Deepens is a survey of IT professionals across the United Kingdom to understand the impact of DDoS attacks on business as well as the ways in which companies are managing the crisis and how attitudes towards DDoS attacks have changed over the past year.
Among the key findings from the survey, a staggering 32% of companies estimate losses of over £240,000 per day during a DDoS outage. Additionally, larger DDoS attacks are becoming more frequent with a 200% increase in attacks affecting bandwidth between 1-20 Gbps, and a significant increase in attacks on bandwidth with a magnitude of 100 Gbps or more.
Distributed Denial of Service (DDoS) attacks are a very real and growing threat to organisations with potentially calamitous consequences for companies without the appropriate protection. In a digital age, the attacks can cut deep into organisations. From IT departments right through to call centres, boardrooms and beyond, DDoS attacks not only inflict a grave toll on revenues, but also damage brand value, public reputation and customer trust.
To establish a thorough insight into the impact of these attacks, Neustar surveyed 331 companies in the United Kingdom, across a diverse range of industries including financial services, technology, retail, government & public sector, health care, energy & utility, telecommunications, e-commerce, Internet services and media. These results show that DDoS attacks disrupt multiple business units, with public-facing areas like call centres, customer service and marketing absorbing over 40% of DDoS-attack related costs.
Other survey findings include:
- Over 35 percent more UK companies were hit by DDoS attacks in 2013 compared with 2012.
- In 2013 there were a greater number of longer-lived attacks, with 28 percent lasting up to two days.
- Once attacked there is a 69 percent chance of a repeat attack. While 31 percent of these companies were DDoS-attacked just once, over 48 percent were targeted 2 to 10 times.
- In 2013, attacks requiring more than 6 people to mitigate rose to 39 percent compared to 25 percent in 2012, a 56 percent increase. Furthermore, DDoS mitigation requiring more than 10 people doubled, from 12 percent in 2012 to nearly 24 percent in 2013.
Neustar’s annual survey also highlights a worrying increase in the rise of DDoS “smokescreening” attacks. These attacks are used by cybercriminals to mask malware or virus insertions usually with the intention to steal valuable data and funds. While IT and security teams are fully distracted by a DDoS attack, criminals grab and clone private data to siphon off funds, intellectual property and more. In one case, criminals used DDoS to help steal bank customers’ credentials and drain $9 million from ATMs in just 48 hours.
"Organisations must remain constantly vigilant and abreast of the latest threats. As an example, Neustar’s UltraDNS network suffered an attack just last week peaking at over 250Gbps – a massive attack by industry standards. Even with proper mitigations in place, the attack caused an upstream ripple. It is a constantly changing threat landscape," explained Rodney Joffe, Senior Vice President and Technology Fellow at Neustar.
DDoS attacks are evolving in complex and dangerous ways. Companies assessing their risk and protection should consider what they stand to lose if they are hit by a severe attack and ensure that rigorous risk, threat and cost analysis is robust enough to protect against financial and data sensitive losses.
Download a copy of the full survey here.
Neustar, Inc. (NYSE:NSR) is the first real-time provider of cloud-based information services and data analytics, enabling marketing and IT security professionals to promote and protect their businesses. With a commitment to privacy and neutrality, Neustar operates complex data registries and uses its expertise to deliver actionable, data-driven insights that help clients make high-value business decisions in real time, one customer interaction at a time. More information is available at www.neustar.biz.