Global businesses are not confident on how to protect themselves against threats like targeted cyberattacks and distributed denial of services (DDoS) attacks, according to new research from worldwide cybersecurity company Kaspersky Lab.
Research from the Corporate IT Security Risks annual survey for 2016, conducted by Kaspersky Lab in cooperation with market research company B2B International, was released earlier this week. For the 2016 survey, Kaspersky asked more than 4,000 representatives of small- and medium-sized businesses (50 to 999 employees) to large businesses (1,000+ employees) from 25 countries on their views on IT security and real incidents they have had to deal with.
The survey found that nearly four in ten (39% of) businesses admitted that they are unclear on the most effective protection strategy to combat targeted and DDoS attacks. “A lack of knowledge and protection is putting businesses across the globe at risk of grinding to a halt,” Kaspersky warned in a press release on Wednesday.
DDoS attacks in particular can quickly incapacitate a targeted business’ workflow, bringing business-critical processes to a stop. However, the research found that nearly a fifth (16%) of businesses are not protected from DDoS attacks at all, and half (49%) rely on built-in hardware for protection. This hardware, however, is not effective against the increasing number of large-scale attacks and “smart” DDoS attacks that are hard to filter with standard methods, Kaspersky said.
In many cases, businesses assume that they’re already protected from these types of attacks, the company added. Almost half (40%) of the organizations surveyed fail to put measures in place because they think their Internet service provider will provide protection, and one in three (30%) think data centre or infrastructure partners will protect them. “The reality is that these organizations mostly protect businesses from large-scale or standard attacks, while ‘smart’ attacks, such as those using encryption or imitating user behavior, require an expert approach,” the company said.
In addition, the survey found that one-third (30%) fail to take action because they think they are unlikely to be targeted by DDoS attacks. Surprisingly, one in ten (12%) even admit to thinking that a small amount of downtime due to DDoS would not cause a major issue for the company, Kaspersky added in the release. “The reality is that any company can be targeted because such attacks are easy for cybercriminals to launch. What’s more, the potential cost of a single attack can be millions.”
“As we’ve seen with the recent attacks, DDoS is extremely disruptive, and on the rise,” said Kirill Ilganaev, head of Kaspersky DDoS protection at Kaspersky Lab. “When hackers launch a DDoS attack, the damage can be devastating for the business that’s being targeted because it disables a company’s online presence. As a result, business workflow comes to a halt, mission-critical processes cannot be completed and reputations can be ruined. Online services and IT infrastructure are just too important to leave unguarded. That’s why specialized DDoS protection solution should be considered an essential part of any effective protection strategy in business today.”