The study—which included data derived from more than 100 IT decision makers in U.S.-based companies with up to 750 employees—revealed that 83 percent of organizations have experienced a Distributed Denial of Service (DDoS) attack within the last two years, and more than half of them experienced multiple attacks.
A DDoS attack is a malicious attempt to disrupt normal traffic of a targeted server, service, or network by overwhelming the target with a flood of internet traffic. The traffic usually comes from web-connected computers infected with malware.
The majority of these organizations reported that, on average, a DDoS attack caused 12 hours of downtime, and another 30 percent said that it caused around 20 hours of downtime. More than a third of those surveyed considered revenue loss the most dire consequence caused by DDoS attacks. Other impacts reported by respondents included a decrease in IT staff productivity (34 percent) and reputational damage (20 percent). Despite this, 17 percent of the respondents did not have, or were not sure if they had, a DDoS protection provider or tool.
The survey also showed that 81 percent of respondents had experienced a cyberattack on their web applications in the past two years, and nearly half experienced several cyberattacks. The average financial impact of affected companies’ most recent cyberattacks was approximately $152,000. Despite this, 91 percent of respondents still consider their website and application security performance to be satisfactory, with nearly three in five saying it’s highly satisfactory.
To combat these threats, many respondents are turning to managed service providers to help implement, monitor and maintain a mixture of cybersecurity technologies, including cloud-based firewalls (73 percent), DDoS protection (71 percent), and email security (62 percent). In addition, 97 percent of participating organizations scan and test for vulnerabilities within their web applications.
“The number of respondents that have experienced DDoS and application attacks is jarring, demonstrating that there is always room for improvement in keeping up with modern cyberthreats,” said Trevor Bidle, vice president of information security and compliance officer at US Signal. “While the survey showed that there is a clear culture of investing in IT security solutions across organizations, there seems to be a need for more robust security tools and managed services to help resource-strapped technical teams. The reputational and financial damage that an online attack can cause a company is immense, and we hope security vendors and service providers can use this data to enhance their offerings and further protect their customers’ websites and applications.”
To view the full 2019 State of Web and DDoS Attacks survey findings, visit https://ussignal.com/ddos-survey-2019.
US Signal is a provider of connectivity, cloud hosting, colocation, data protection, and disaster recovery. It has a 14,000-mile fiber optic network linking more than 225 data centers. The company serves the manufacturing, healthcare, financial services, education, and retail industries.