Distributed denial of service (DDoS) attacks are associated with criminal activity, but not all those behind DDoS attacks are cyber criminals, research has revealed.
Nearly half of more than 5,500 companies polled in 26 countries claimed to know the identity and motivation behind recent DDoS attacks, and 12% named competitors as the most likely culprits.
This suspicion increases in the business services industry, with 38% of respondents in this sector believing their competitors were behind a DDoS attack, according to a survey by Kaspersky Lab and B2B International.
However, 18% attributed recent DDoS attacks to criminals seeking to disrupt or distract while another attack took place; 17% to criminals seeking to disrupt their services for a ransom; 11% to political activists; and 5% to state-sponsored activities.
The most popular motivation for the attacks is believed to be a ransom, cited by 27% of respondents in the manufacturing and telecoms sectors.
“DDoS attacks are no longer just about cyber criminals seeking to halt a company’s operations,” said Evgeny Vigovsky, head of DDoS protection at Kaspersky Lab.
“Businesses are becoming suspicious of each other, and there is a real concern that many companies – including small and medium ones – are being affected by the underhanded tactics of their competitors, which are commissioning DDoS attacks directly against them, damaging their operations and reputation,” he said.
In the light of this trend, Vigovsky said all businesses should remain vigilant and fully understand the repercussions of a DDoS attack in terms of the potential financial and reputational damage.
“It is wise not to pay a ransom, or to fall victim to cyber criminals or competitors. Ensure that you have the appropriate security measures in place to help manage the increased risk posed to your business from DDoS attacks,” he said.
Looking ahead to 2016, security firms expect to see an increase in the tactic of using DDoS attacks to distract companies from other, more damaging malicious activity on their networks, such as data theft.
The use of DDoS, or the threat of DDoS attacks, as a way of extorting money is also expected to continue and increase in the coming year.
According to the study, 20% of companies with 50 employees or more reported that they have been the victim of at least one DDoS attack, with companies in the telecoms, financial services and IT sectors the most likely to be targeted.
The study also revealed that 50% of DDoS attacks led to a noticeable disruption of services; 26% led to the loss of sensitive data; 24% led to services being completely unavailable; and 74% led to a noticeable disruption of service, which coincided with a different type of security incident, such as a malware attack, network intrusion or other type of attack.
According to Kaspersky Lab, the average cost for recovering from a DDoS attack for companies of more than 1,500 employees is $417,000, and $53,000 for small and medium businesses (SMBs).
Yet 56% of those polled thought that spending money to prevent or mitigate DDoS attacks in future would be worth the investment, 53% said their organisation knew how to mitigate or prevent DDoS attacks, and only 52% felt well-informed about DDoS attacks.
Despite the cost and complexity of dealing with DDoS attacks, the Kaspersky Lab research said the average financial damage of a DDoS attack is significant, especially for SMBs, and is definitely higher than the cost of a service designed to reduce the effect of such attacks.
“DDoS prevention is almost always a third-party service, and outsourcing this trouble to experts not only reduces the damage but also frees up IT personnel to deal with a probable complementary attack on a company infrastructure, which will have much worse consequences,” the report said.