DDoS attacks on the rise, Kaspersky research shows

Distributed denial of service (DDoS) attacks are on the rise, with about one-third (33%) of polled global organizations facing such an attack in 2017, new research from cybersecurity company Kaspersky Lab has found.

The IT Security Risks research is an annual survey conducted by Kaspersky in conjunction with market research company B2B International. In 2017, more than 5,200 representatives of small, medium (50 to 999 employees) and large (1,000+ employees) businesses from 29 countries were asked their views on IT security and the real incidents that they have encountered.

The 33% of polled companies that reported facing a DDoS attack is nearly double the amount of organizations that said they faced such an attack in 2016 (17%), Kaspersky said in a press release on Tuesday. “This rapid development in the cyber threat landscape means that all businesses – regardless of size – are at risk of experiencing a DDoS attack,” the release said.

According to Kaspersky’s website, DDoS attacks take advantage of the specific capacity limits that apply to any network resources, such as the infrastructure that enables a company’s website. The DDoS attack will send multiple requests to the attacked web resource, with the aim of exceeding the website’s capacity to handle multiple requests and prevent the site from functioning correctly.

In this year’s survey, Kaspersky found that 50% of businesses “claim that the frequency and complexity of DDoS attacks targeting organizations like theirs is growing every year.” Of those 33% of organizations experiencing an attack in 2017, 20% were very small businesses, 33% were SMBs and 41% were enterprises, further proving that organizations of all sizes are at risk, Kaspersky said in the release. Although figures for this year show that companies are more likely to experience just one attack, 82% of organizations faced more than one DDoS attack in 2016, and this year, 76% faced at least one attack.

Cybercriminals are increasingly using DDoS attacks as a way to gain access to valuable and lucrative corporate data, and not just to cripple a victim’s services, Kaspersky reported. The consequences of an attack are no less severe, resulting in significant business disruption. Of the organizations that have been hit by DDoS attacks, 26% reported a significant decrease in performance of services and 14% said there was a failure of transactions and processes on affected services.

In addition to causing immediate and visible operational issues, many companies also claim that DDoS attacks are being used to cover up other types of incidents, leading to severe financial and reputational damage. In the first half of 2017, over half of respondents affected by a DDoS attack (53%) claimed that it was used as a smokescreen. Half (50%) reported that the attack hid a malware infection; 49% said that it masked a data leak or theft; and 42% said that the DDoS attack was used to cover up a network intrusion or hacking. Another 26% of businesses reported that the attack was hiding financial theft.

“The threat of being hit by a DDoS attack – either standalone or as part of a greater attack arsenal – is showing no signs of diminishing,” said Kirill Ilganaev, head of Kaspersky DDoS protection at Kaspersky Lab. “It’s not a case of if an organization will be hit, but when. With the problem growing and affecting every type and size of company, it is important for organizations to protect their IT infrastructure from being infiltrated and keep their data safe from attack. Working with the right partner will ensure that companies can cope with all levels and complexities of DDoS incident, as the attacks only continue to get stronger and more sophisticated.”