It should come as no surprise that DDoS attacks continue to grow in size. The proliferation of poorly secured IoT devices led to the realization of massive botnets whose sheer size and power can easily overwhelm standard DDoS defenses. In this IoT age, good DDoS defenses aren’t enough.
With every strike launched, attackers are probing and taking note of your defenses and deficiencies. And as every IT professional knows, it only takes one successful attack to cause brand damage. So when 40% of respondents said they learned of an attack on their network by their customers, the brand is bound to take a reputational hit.
Despite the fact that 99% of organizations have DDoS-specific defenses in place, nine in ten are investing more than they did just 12 months ago. Even then, more than 1/3 believe that the increases are still insufficient. Companies around the world are seeking to take back the advantage gained by attackers last year.
Headlines aside, the tempo of attacks of all sizes against organizations increased as expected with 849 of 1,010 (84%) of those organizations being hit with at least one DDoS attack in the previous 12 months, up from 73% in 2016. It got worse, 86% of those attacked had to contend with more than one DDoS attack 82% reported in the previous year. If that was not bad enough, DDoS attacks were often used in concert with other cyber crime activities with a sharp rise in impact as these latest findings reveal. Advantage: Attacker.
Organizations took longer to identify and respond to attacks. Attackers have learned how to tease defenses, probe network vulnerabilities, and execute more lethal strikes. The difficulty in being able to effectively, efficiently detect and respond to DDoS attacks has no doubt frustrated those working to protect revenue flows, strategic partnerships, and brand reputations. Most concerning is that half of those attacked needed at least three hours to detect and half need at least three hours to respond. No wonder why 40% of those hit inadvertently used their customers as a DDoS monitoring service.
Attackers aren’t wasting any time or resources going after companies. Compared to this time last year, Neustar has mitigated nearly two-times the number of attacks. And as the pace has picked up, so too have the vectors and methods employed.