According to the results of a study conducted by Kaspersky Lab and B2B International, a DDoS attack on a company’s online resources might cause considerable losses, with average figures ranging from $52,000 to $444,000 depending on the size of the company. For many organisations, these expenses have a serious impact on the balance sheet and harm the company’s reputation due to the loss of access to online resources for partners and customers alike.
The total cost reflects several problems. According to the study, 61 percent of DDoS victims temporarily lost access to critical business information, 38 percent of companies were unable to carry out their core business, and 33 percent of respondents reported the loss of business opportunities and contracts. In addition, 29 percent of successful DDoS incidents had a negative impact on the company’s credit rating, while in 26 percent of cases it prompted an increase in insurance premiums.
Free Cyber Security Training! Join the revolution today!
The experts included the costs of remediating the consequences of an incident when calculating the average sum. For example, 65 percent of companies consulted with IT security specialists, 49 percent of firms paid to modify their IT infrastructure, 46 percent of victims had to turn to their lawyers, and 41 percent turned to risk managers. These are only the most common expenses.
Information about DDoS attacks and subsequent disruption to the business often becomes public, adding to the risks. 72 percent of victims disclosed information about a DDoS attack on their resources. Specifically, 43 percent of respondents told their customers about an incident, 36 percent reported to representatives of a regulatory authority, and 26 percent spoke to the media. 38 percent of companies suffered reputational loss as a result of a DDoS attack, and almost one in three of the affected organisations had to seek the assistance of corporate image consultants.
“A successful DDoS attack can damage business-critical services, leading to serious consequences for the company. For example, the recent attacks on Scandinavian banks (in particular, on the Finnish OP Pohjola Group) caused a few days of disruption to online services and also interrupted the processing of bank card transactions, a frequent problem in cases like this. That’s why companies must consider DDoS protection as an integral part of their overall IT security policy. It’s just as important as protecting against malware, targeted attacks, data leaks and the like,” said Eugene Vigovsky, Head of Kaspersky DDoS Protection, Kaspersky Lab.
Kaspersky Lab technology provides continuous access to its clients’ online resources even during complex, lengthy and previously unknown types of DDoS attacks. Kaspersky DDoS Protection switches client traffic to Kaspersky Lab cleaning centres for the duration of the attack, filtering malicious traffic so that the client only receives legitimate requests. This prevents infrastructure and services from being overloaded. Read more about Kaspersky DDoS Protection work principles.
About Kaspersky Lab
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.