Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

The Cost of DDoS Attack: Risk Assessment, Mitigation and Protection for Businesses


Published on

DDoS attacks a growing threat that can you take away your company’s internet access and leave your sensitive data vulnerable that can ruin a business. Learn more about this growing threat and how to protect your business.

Published in: Technology
  • Be the first to comment

The Cost of DDoS Attack: Risk Assessment, Mitigation and Protection for Businesses

  1. 1. THE COST OF DDOS ATTACK: Risk assessment, mitigation and protection for businesses
  2. 2. AGENDA What is DDoS? Attack methods and common scenarios Risk assessment The impact and cost of DDoS attacks DDoS as a cover-up for other attacks Prevention and mitigation DDoS protection THE COST OF DDOS ATTACK · 2
  3. 3. /enterprise/DDoS_Protection_White_Paper.pdf THE COST OF DDOS ATTACK · 3 WHAT IS DDOS? A Distributed Denial of Service (DDoS) attack is one of the most popular weapons in the cybercriminals’ arsenal. It aims to make information systems such as websites or databases impossible for regular users to access normally. There can be different motives behind launching DDoS attacks, ranging from cyber-hooliganism to dirty competition practices or even extortion.
  4. 4. THE COST OF DDOS ATTACK · 4 DDOS ATTACK METHODS VOLUMETRIC ATTACKS These attacks are increasingly common. By generating traffic levels that exceed the target business’s available bandwidth, the attack saturates the capacity of the victim’s corporate Internet connection – and that disables or delays all online activities. APPLICATION LAYER ATTACKS Application layer attacks try to crash the servers that are running vital applications – such as the web servers that the victim’s online presence depends on. OTHER INFRASTRUCTURE ATTACKS Attacks that aim to disable network equipment and / or server operating systems can totally halt the operation of key business processes. HYBRID ATTACKS Cybercriminals also launch complex attacks that combine several methods – including volumetric, application layer and infrastructure attack techniques.
  5. 5. 2. Launching a DDoS amplification attack through publicly available servers containing software vulnerabilities Under the second scenario involving an amplification attack, servers leased out from a data center can be used instead of bots. Public servers with vulnerable software are typically used for enhancement. Today, either DNS (domain name system) servers or NTP (network time protocol) servers can be used. An attack is amplified by spoof- ing return IP addresses and sending a short request to a server that requires a much longer response. The received response is sent to the spoofed IP address which belongs to the victim. TWO COMMON DDOS ATTACK SCENARIOS THE COST OF DDOS ATTACK · 5 1. Sending requests directly to the attacked resource from a large number of bots. In this scenario, cybercriminals turn a multitude of computers into remotely controlled “zombies” which then follow the master’s command and simultaneously send requests to the victim computing system (conduct a “distributed attack”)
  6. 6. The top three industries most likely to suffer from a DDoS attack are: telecoms, financial services and IT. BUSINESSES AT RISK A DDoS attack is most likely to last for several hours. But 6% of businesses reported attacks that latest a week, resulting in a severe impediment of services. CUSTOMER PORTAL/LOGIN AREA COMMUNICARIONS SERVICES PUBLIC WEBSITE TRANSACTIONAL SERVICES FILE SERVERS LESS THAN 10 MINUTES 10,1% IT/TELECOM 24% FINANCIAL SERVICES 21% CONSTRUCTION AND ENGINEERING 20% 41% 40% 39% 29% 26% THE COST OF DDOS ATTACK · 6 29,1% 37,9% 14,3% 6,1% 0,5% 1,9% 10 MINUTES TO AN HOUR SEVERAL HOURS A FULL DAY 2 DAYS TO A WEEK SEVERAL WEEKS OR LONGER DON’T KNOW/CANNOT SAY The top three types of infrastructure targeted are: public websites, the limited access customer portal, general communications infrastructure
  7. 7. UNDERSTANDING THE IMPACT The direct financial costs of recovering from a DDoS attack can be massive regardless of industry – lost business opportunities, reputational risks and many other things. THE COST OF DDOS ATTACK · 7 Failed sales transactions during downtime periods Negative publicity that dissuades existing customers and potential clients Failed transactions with possible penalties Damage to your business brand that could take years to recover from Direct financial costs Your own team needs reliable access to key services
  8. 8. THE COST OF DDOS ATTACKS The average cost of a DDoS attack is $106,000 for smaller companies and more than $1.6 million for enterprises BIGGEST EXPENSES ASSOCIATED WITH DDOS ATTACK: If an attack is detected in the first 24 hours, the costs can be almost halved, compared to an attack detected over a day later. THE COST OF DDOS ATTACK · 8 CHANGES TO THE CREDIT RATINGS CHANGES TO THE INSURANCE RATINGS OVERTIME PAYMENTS TO EMPLOYEES 10% STAFF TRAINING 10% PR EXPENSES TO RESTORE A COMPANY’S REPUTATION 9% 19% Medium and Large Companies 20% Small Companies 17% OTHER MAJOR DDOS-RELATED COSTS CUSTOMER COMPESATION 12% UPGRADING IT INFRASTRUCTURE AND SOFTWARE
  9. 9. THE COST OF DDOS ATTACK · 9 REPUTATION DAMAGE DUE TO CUSTOMERS’ MISCONCEPTION If your business is subjected to a DDoS attack, it could also suffer additional losses that result from misconceptions about exactly what a DDoS attack is – and how it could affect your customers. Even though DDoS attacks are unlikely to have any effect on your customers’ security, can you be sure your customers will understand this? Whenever customers hear about a ‘security incident’ – any security incident – some may fear that their confidential information, bank details and credit card numbers could be at risk. Even though these fears may be totally illogical – and stem from customers’ misunderstandings about the nature of DDoS attacks – your business could still suffer.
  10. 10. THE COST OF DDOS ATTACK · 10 Audit IoT devices within your infrastructure Change any default settings (especially common in medium and small companies using consumer-level routers) Enable secure passwords everywhere THE INTERNET OF THINGS AS A DDOS TOOL The Internet of Things (IoT) is increasingly becoming a powerful tool for attackers, facilitated by the neglect for information security both on the part of vendors and users. HOW TO STAY PROTECTED
  11. 11. Research_Reveals_Hacker_Tactics_Cybercriminals_Use_DDoS_as_Smokescreen_for_Other_Attacks_on_Businesses THE COST OF DDOS ATTACK · 11 “DDoS can be used not only as an easy way to stop the activity of a company, but also as a decoy to distract IT staff from another intrusion taking place through other channels.” KIRILL ILGANAEV, Head of Kaspersky DDoS Protection at Kaspersky Lab 56% 87% 29% 26% of businesses questioned are confident that DDoS has been used as a smokescreen for other kinds of cybercrime of these business respondents reported that they had also been the victim of a targeted attack. of businesses that suffered from cybercrime said that DDoS has often been part of the attack tactics businesses that have suffered data loss as a result of a targeted attack, named DDoS as one of the contributing vectors USING DDOS ATTACKS AS A SMOKESCREEN DDoS attacks are sometimes used by cybercriminals to distract businesses while hackers sneak in through the back door. ACCORDING TO 2016 KASPERSKY LAB CORPORATE IT SECURITY RISKS SURVEY
  12. 12. 16% OF COMPANIES DO NOT USE ANTI-DDOS PROTECTION THE COST OF DDOS ATTACK · 12 To ensure your business is adequately defended against DDoS attacks, you need a DDoS attack prevention solution that helps you to: Detect any new attack as rapidly as possible so you can defend your business very soon after the hacker launches the attack. Mitigate the effects of the attack as rapidly as possible to help minimize – or totally prevent – any disruption to the normal business activities DDOS PREVENTION AND MITIGATION A GOOD ANTI-DDOS STRATEGY WILL HELP Minimize downtime for business-critical infrastructure & processes Ensure customers can continue to access online services Maintain productivity for employees Minimize reputational damage
  13. 13. DDOS PROTECTION – STAY SAFE WITH KASPERSKY LAB Discover how Kaspersky Lab defends businesses against DDoS attacks