Another report finds enterprise and commerce industries to be major victims
Distributed Denial of Service (DDoS) attacks on businesses have doubled in one year in 2013, with over 40% of them estimating the loses to be over $1m a day, according to the latest annual report by real-time information and analytics firm Neustar.
The DDoS Attacks and Impacts Report says that larger attacks almost tripled and those between 1-5Gbps in size grew by 150%.
Cloud services provider Akamai Technologies’ ‘Fourth Quarter 2013, State of the Internet Report’, released almost simultaneously, supports Neustar’s findings. The report says that the DDoS attacks reported by its customers increased by 23% in the fourth quarter of 2013 from the previous quarter, and by 50% year-on-year.
Enterprise and commerce industries account for nearly 70% of the total DDoS attacks.
Both the reports observe that repeat attacks have increased. Akamai says that this occurred at one in three probability in Q4 2013, while Neustar found that 90% of the companies surveyed were hit repeatedly.
The Neustar survey, which covered nearly 450 companies in North America across various industries, finds a raise in "smokescreening" attacks. These DDoS attacks are used by criminals to distract IT staff while inserting malware to breach bank accounts and customer data.
Supporting this trend, the survey finds that 49% of businesses who suffered a DDoS attack and a breach in 2013 were having malware installed in their systems; 55% of DDoS targets said that they were also victims of theft.
Neustar senior vice president and senior technologist Rodney Joffe said, "DDoS attacks create an ‘all hands on deck’ mentality, and the potential for damage is high as criminals take advantage of the distraction to grab and clone private data to tap into funds, intellectual property and more.
"Businesses should look out for shorter, more intense attacks without the traditionally expected extortion or policy demands. It is critical that they protect themselves by dedicating staff to watch entry systems during attacks, making sure everything is patched and having dedicated DDoS protection."