Distributed
Denial of Service (DDoS) attacks are one of the biggest cyberthreats facing
organizations today, with the potential to quickly bring a halt to business
operations and lead to significant financial and reputational damage.
However, research from Kaspersky Lab has revealed that businesses are
falling behind in the race to protect themselves from the attacks, due a
reliance on others to do the job for them and a general lack of knowledge about
how to protect themselves against becoming a victim.
The IT
Security Risks research is an annual survey conducted by Kaspersky Lab in
conjunction with B2B International. In 2017, 5,274 representatives of small,
medium (50 to 999) and large (1000+) businesses from 29 countries were surveyed
about their views on IT security and the real incidents that they have had to
deal with.
Key findings
Despite 43%
of businesses feeling vulnerable to this type of attack, many of them (41%)
admit that although they would like to know more about cybersecurity, they
currently have little knowledge about the threat. Over a third of organisations do not use anti-DDoS solutions, but instead rely
on their Internet Service Provider (ISP) and data centre provider (26%) to shield them from attacks.
However, such an approach could put many companies at risk of suffering
from data loss and business disruption, as we witnessed with the high-profile DDoS attack which
brought down the servers of Dyn in 2016, affecting much of America’s Internet
access.
Another
challenge for businesses is that many businesses do not have a clear strategy
on how to react to DDoS attacks and lack basic countermeasures such as reserve
servers and data backups.
As a result,
they may be unprepared, hindering their ability to respond to the inevitable
attack when it does come. For those that do actively protect themselves against
DDoS attacks, this has only been due to being a victim in the past (30%) or
because they are required to do so for regulatory purposes (35%).
Trends
As reported
earlier, experts
noted an increase in activity by both old and new botnets, growth in the
popularity of amplification DDoS attacks and the return of long-lasting,
multi-day DDoS attacks. At the same time, Asia-Pacific region is a targeted
geography that is experiencing a large number of attacks.
According to
Mr Alexey Kiselev, Project Manager on the Kaspersky DDoS Protection team, DDoS
attacks are showing no signs of slowing down.
“Every
business – no matter what its size or level of IT expertise – can be a victim.
Businesses must ensure they are prepared to defend against powerful and
sophisticated attacks, utilising insight from experienced personnel in tandem
with next-generation technology to ensure operations stay up and running and
business-critical data remains protected,” said Mr Kiselev.
What can a business do?
As an attack
on a data centre provider or ISP could do just as much damage to its partners
and customers if the situation is not managed properly, it is important for
businesses to understand the risks around DDoS and to take their own
precautions.
Businesses
that want to be better prepared for DDoS should gain a better understanding of
the severity of such attacks and take responsibility for securing their company
perimeters from the increasing risk. This includes improving both prevention
and response plans, to safeguard corporate data and ensure operations are not
affected.
Kaspersky
DDoS Protection can
help businesses defend themselves against DDoS attacks. The fully-integrated
solution features advanced intelligence and special sensor software to protect
organisations from the most complex and high-volume attacks.
Is your organisation getting the
protection it deserves? Download white paper here to find out more.