DDoS or denial of service attack is an attempt to make the resources of a system unavailable to its users. Virtually all industries are susceptible to this type of attack. DDoS attacks are growing rapidly, and many countries are beginning to create legislation so that they are taken more seriously and treated as a real problem.
A10 Networks announced the results of a recent report commissioned by IDG Connect: “IDG Connect DDoS Survey”.
The main conclusion of the study, which is based on interviews with 120 senior decision-making IT in large organizations, cites that companies are currently waging a brutal battle against a growing army of online attackers. As a result, companies suffer an average of 15 DDoS year, with an offensive that causes an average of 17 hours of actual inactivity, including falls, blocking or denial of access to the client.
As DDoS attacks become more popular, they are also become harder to combat. So, and while the maximum utilization of bandwidth to carry out an attack reaches the middle of incredible 30-40 gigabits per second (Gbps), 59% of organizations confirmed to have experienced assault of more than 40 Gbps. Besides, most respondents (77%) also expect sophisticated multi-vector attacks patterns as the most dangerous type of DDoS attacks in the future.
More than half of the organizations surveyed confirmed their intention to increase their budgets for prevention of DDoS attacks in the next six months. The IT security teams are the most likely to lead efforts to prevent DDoS attacks (36%), followed closely by CSOs (26%) and CIOs (26%).
DDoS attacks are called ‘sudden death’ for good reason. If the brake is not put, costs for organizations could range from loss of business to the need to invest time in restoring the service and decrease in customer satisfaction. The good news is that IDG findings show that security teams are making the DDoS attack prevention a priority. With improved threat prevention system, they can make an immediate threat to their business in a notification level.
Among the key findings of the report include:
- The type companies suffered an average of 15 DDoS a year, with large organizations experienced more interruptions.
- One in five companies reported that downtime were more than 36 hours, with an average duration of 17 hours attacks.
- 33% of respondents reported DDoS attacks over 40 Gbps with the most common are Flood UDP (23%), Slow Post (16%) and SYN Flood (14%).
- 77% believe that the multi-vector attacks, including attacks at the application level and volume, are included, will be the most dangerous in the future.
- More than half of respondents plan to increase their DDoS budgets (54%) in the next six months.
- 53% of respondents confirmed that on premise protection is the most effective solution to deal with multi-vector DDoS threats, followed by the hybrid protection (34%), or a single solution as the on-premise appliance (19%).
The corporate segment in various industries believes that telecom operators and ISPs are those who are best positioned to protect them against such attacks. There is, therefore, a window of opportunity for operators to generate revenues by offering security services to mitigate DDoS attacks.