Businesses are vulnerable to DDoS attack: Annual IT Security Risks research
Distributed Denial of Service (DDoS) attacks are one of the biggest cyberthreats facing organizations today, with the potential to quickly bring a halt to business operations and lead to significant financial and reputational damage.
However, research from Kaspersky Lab has revealed that businesses are falling behind in the race to protect themselves from the attacks, due a reliance on others to do the job for them and a general lack of knowledge about how to protect themselves against becoming a victim.
The IT Security Risks research is an annual survey conducted by Kaspersky Lab in conjunction with B2B International. In 2017, 5,274 representatives of small, medium (50 to 999) and large (1000+) businesses from 29 countries were surveyed about their views on IT security and the real incidents that they have had to deal with.
Despite 43% of businesses feeling vulnerable to this type of attack, many of them (41%) admit that although they would like to know more about cybersecurity, they currently have little knowledge about the threat. Over a third of organisations do not use anti-DDoS solutions, but instead rely on their Internet Service Provider (ISP) and data centre provider (26%) to shield them from attacks.
However, such an approach could put many companies at risk of suffering from data loss and business disruption, as we witnessed with the high-profile DDoS attack which brought down the servers of Dyn in 2016, affecting much of America’s Internet access.
Another challenge for businesses is that many businesses do not have a clear strategy on how to react to DDoS attacks and lack basic countermeasures such as reserve servers and data backups.
As a result, they may be unprepared, hindering their ability to respond to the inevitable attack when it does come. For those that do actively protect themselves against DDoS attacks, this has only been due to being a victim in the past (30%) or because they are required to do so for regulatory purposes (35%).
As reported earlier, experts noted an increase in activity by both old and new botnets, growth in the popularity of amplification DDoS attacks and the return of long-lasting, multi-day DDoS attacks. At the same time, Asia-Pacific region is a targeted geography that is experiencing a large number of attacks.
According to Mr Alexey Kiselev, Project Manager on the Kaspersky DDoS Protection team, DDoS attacks are showing no signs of slowing down.
“Every business – no matter what its size or level of IT expertise – can be a victim. Businesses must ensure they are prepared to defend against powerful and sophisticated attacks, utilising insight from experienced personnel in tandem with next-generation technology to ensure operations stay up and running and business-critical data remains protected,” said Mr Kiselev.
What can a business do?
As an attack on a data centre provider or ISP could do just as much damage to its partners and customers if the situation is not managed properly, it is important for businesses to understand the risks around DDoS and to take their own precautions.
Businesses that want to be better prepared for DDoS should gain a better understanding of the severity of such attacks and take responsibility for securing their company perimeters from the increasing risk. This includes improving both prevention and response plans, to safeguard corporate data and ensure operations are not affected.
Kaspersky DDoS Protection can help businesses defend themselves against DDoS attacks. The fully-integrated solution features advanced intelligence and special sensor software to protect organisations from the most complex and high-volume attacks.
Is your organisation getting the protection it deserves? Download white paper here to find out more.