DDoS Attack Research: What’s Your Response Time?

Many organizations require several hours to identify and address distributed denial-of-service (DDoS) attacks, according to a recent study of 1,010 directors, managers and C-suite executives conducted by information services and analytics provider Neustar.

The Neustar "Worldwide DDoS Attacks & Cyber Insights Research Report" indicated 51 percent of respondents said they needed at least three hours to detect a DDoS attack, and 40 percent noted they required at least three hours to respond to an attack.

In addition, the report showed 40 percent of respondents that suffered an attack used their customers as a DDoS monitoring service.

DDoS Attack Trends

The Neustar report highlighted several recent attack trends, including:

  • Attacks are getting bigger. Forty-five percent of DDoS attacks were more than 10 gigabits per second (Gbps), and 15 percent were at least 50 Gbps.
  • Cybercriminals are targeting all organizations, regardless of industry. Across all industries, 84 percent of respondents said they suffered a DDoS attack, up 15 percent year over year. Also, 86 percent said they were hit more than once.
  • Attacks are causing significant revenue losses. Forty-three percent of respondents said they suffered an average revenue loss of at least $250,000 per hour due to a DDoS attack.
  • Ransomware attacks are on the rise. The instances of ransomware reported in conjunction with DDoS attacks rose 53 percent year over year.
  • Current protection systems are insufficient. Ninety-nine percent of respondents stated they have some sort of DDoS protection in place, 90 percent are investing more in DDoS protection than they did a year ago and 36 percent think they should be investing even more. 

Ultimately, organizations may need to rework their protection strategies to keep pace against cybercriminals, Neustar pointed out.

" attacks are the zeitgeist of today's Internet," Barrett Lyon, Neustar's head of research and development, said in a prepared statement. "The question organizations must ask now is how they are prepared to manage these highly disruptive events."

2017 Threat Landscape

Attack trends to watch in 2017 include an increase in generic routing encapsulation (GRE) based flood attacks and connectionless lightweight directory access protocol (CLDAP) reflection attacks, Neustar indicated.

Moreover, multi-vector attacks are becoming exceedingly complex, and organizations must prepare accordingly.

"It is time for a new approach and for innovation to come to a defense model that is rapidly falling behind," Neustar wrote in its report.

How to Combat Attacks

Neustar provided two tips to help organizations mitigate the effects of DDoS attacks:

  1. Go beyond DDoS attack identification. With a strong protection system in place, an organization can address all risks associated with a DDoS attack.
  2. Educate employees about attacks. Assess, plan, test and communicate a DDoS protection strategy throughout an organization.

DDoS attacks can put an organization, its revenues and its brand reputation in danger, Neustar indicated. However, an organization that deploys a proactive approach to DDoS protection may be better equipped than others to resolve attacks before they escalate.

"Organizations must understand what's at risk, be clear in their requirements, evaluate business models as much as technologies and find a security partner that can best put down the attacks that are surely coming," Neustar stated in its report.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.