DDoS Attack Costs on Rise

Wednesday, January 28, 2015 @ 04:01 PM gHale


A distributed denial of service (DDoS) attack on a company’s online resources might cause considerable losses, ranging from $52,000 to $444,000 depending on the size of the company, new research showed.

These expenses have a serious impact on the balance sheet as well as harming a company’s reputation due to loss of access to online resources for partners and customers, said the study conducted by Kaspersky Lab.

RELATED STORIES
Security a Differentiator for Users
Security: A Presidential Mandate
Security Spending to Increase in ‘15
Sony: Risk Management in Real Time

The total costs reflect several problems where 61 percent of DDoS victims temporarily lost access to critical business information, 38 percent of companies were unable to carry out their core business, and 33 percent reported the loss of business opportunities and contracts.

In addition, in 29 percent of DDoS incidents, a successful attack had a negative impact on the company’s credit rating while in 26 percent of cases it prompted an increase in insurance premiums.

Kaspersky researchers included the costs of remediating the consequences of an incident when calculating the average sum. For example, 65 percent of companies consulted with IT security specialists, 49 percent of firms paid to modify their IT infrastructure, 46 percent had to turn to their lawyers and 41 percent turned to risk managers. And these are only the most common expenses.

Information about DDoS attacks and subsequent disruption to the business often becomes public, which adds to the risks. The study found 72 percent of victims disclosed information about a DDoS attack on their resources. Specifically, 43 percent of respondents told their customers about an incident, 36 percent reported to representatives of a regulatory authority and 26 percent spoke to the media. As a result, 38 percent of companies said they suffered reputational loss. Almost one in three affected organizations had to seek the assistance of corporate image consultants.

“A successful DDoS attack can damage business-critical services, leading to serious consequences for the company. For example, the recent attacks on Scandinavian banks (in particular, on the Finnish OP Pohjola Group) caused a few days of disruption to online services and also interrupted the processing of bank card transactions, a frequent problem in cases like this,” said Eugene Vigovsky, head of Kaspersky DDoS Protection at Kaspersky Lab. “That’s why companies today must consider DDoS protection as an integral part of their overall IT security policy. It’s just as important as protecting against malware, targeted attacks, data leak and the like.”

Click here to download the study.



Leave a Reply

You must be logged in to post a comment.