A single DDoS attack could cost over $400,000
One of the major worries for online businesses is being subject to a DDoS attack. As well as damaging reputations these can have a serious effect on finances too.
According to a new study by Kaspersky Lab the average cost of a DDoS attack ranges between $52,000 and $444,000 dollars depending on the size of the business.
The cost reflects a number of different issues. According to the study, 61 percent of DDoS victims temporarily lost access to critical business information, 38 percent of companies were unable to carry out their core business, and 33 percent reported the loss of business opportunities and contracts. In addition, in 29 percent of DDoS incidents, a successful attack had a negative impact on the company’s credit rating while in 26 percent of cases it prompted an increase in insurance premiums.
The figures also factor in the costs of dealing with an attack. These include 65 percent of companies having consulted with IT security specialists and 49 percent paying to modify their IT infrastructure. Also 46 percent of victims had to turn to their lawyers and 41 percent turned to risk managers.
Attacks can have an ongoing effect too depending on how an organization deals with them. 72 percent of victims disclosed information about a DDoS attack on their resources. Specifically, 43 percent of respondents told their customers about an incident, 36 percent reported to representatives of a regulatory authority and 26 percent spoke to the media. 38 percent of companies say they suffered reputational loss as a result of an attack.
"A successful DDoS attack can damage business-critical services, leading to serious consequences for the company," says Eugene Vigovsky, Head of Kaspersky DDoS Protection at Kaspersky Lab. "For example, the recent attacks on Scandinavian banks (in particular, on the Finnish OP Pohjola Group) caused a few days of disruption to online services and also interrupted the processing of bank card transactions, a frequent problem in cases like this. That's why companies today must consider DDoS protection as an integral part of their overall IT security policy. It's just as important as protecting against malware, targeted attacks, data leak and the like".
You can see a summary of the study's findings in infographic form below or the full report is available from the Kaspersky website.