When Australia’s largest wireless broadband provider Cirrus Communications suffered a distributed denial of service (DDoS) attack in July 2014, the attack had hit Cirrus’ core network, rather than the radio equipment on the edge, knocking out half of its network. Following the incident, the broadband provider admitted that it had experienced “struggles” in the wake of the event, and further reports suggested that the attack had disrupted communications to other carriers that use Cirrus’ services.
It would be naïve to think that DDoS attacks are rare. In fact, many reports indicate the opposite. According to BT Global Services, 64% of Australian organisations were hit by DDoS attacks in 2014, which was the highest out of all 11 geographical areas measured in the report. Not only are DDoS attacks common, the ones seen in Australia are shorter and more aggressive. According to ARBOR Networks the attack length in Australia during the first quarter of 2015 was 22 minutes, versus 46 minutes in Asia Pacific (APAC). The average DDoS attack was 1.25 Gbps, compared with the APAC average of 483.65 Mbps—a dip from the last quarter of 2014 where the average DDoS attack in Australia was 1.34 Gbps and the average APAC attack size was 500.68 Mbps.
Considering the statistics, organisations should already have a solid plan in place to counteract such attacks, but in reality, only 24% of Australian organisations said that they have sufficient resources in place to counteract a DDoS attack, according to the same BT Global Services report.
It Pays to be Prepared
Due to the growing ease of launching DDoS attacks, the demand for DDoS prevention solutions is also on the rise. IDC has forecast that the worldwide market for DDoS prevention solutions will grow by a compound annual growth rate (CAGR) of 18.2% from 2012 through 2017 and reach $870 million.
DDoS attacks are not only obnoxious to deal with, but they can be a great detriment to your company. Companies that have undergone DDoS attacks have experienced the following:
Loss of income: For ecommerce giants, just a second of downtime could mean thousands in lost revenue. Even if your company isn’t as large as Amazon or eBay, any amount of profit loss due to downtime should be cause for concern. Not only do you miss a potential sale in real time, that customer is less likely to come back and try to purchase from you again in the future. A recent study by Kaspersky Lab and B2B International estimated that a DDoS attack on an organisation’s online resources might cause losses ranging from $52,000 to $444,000.
Brand damage: If potential customers are trying to reach your website and are greeted with an error message, they probably will not immediately assume that the site is under a DDoS attack. They will most likely assume that there is something wrong with the development of the website itself and may feel that it is unreliable, making them less likely to return. Press surrounding DDoS attacks can also paint a bad picture for your brand. If the driving force behind the attack was based on political or moral agendas, your brand could acquire a negative image because it was one of the attacker’s targets.
Loss of customer confidence: Just as your brand image may deteriorate in the public eye, your customers may also lose confidence in your organisation. If you have a web service-based company (think web hosts) and if your servers go down due to an attack, all of your customers’ websites go down as well. It can take only a few moments of downtime a year to provoke a customer to move to another service provider.
Personnel cost: The time spent by your personnel to investigate and mitigate an attack can be costly. Time spent by your operations team dealing with an attack only takes away from their regular work. Similarly, your helpdesk will also see an influx of calls and tickets due to questions surrounding access during downtime. All of these extra hours can massively add up over the duration of an attack… Click HERE to find out more about this article