Companies are doing something about DDoS but it’s not enough
One very positive aspect of data in Neustar’s 2017 Worldwide DDoS Attacks and Cyber Insights Research Report shows that 99% of organizations are doing at least one thing to combat DDoS attacks. And 90% say they plan to invest more (p. 28). So pretty much everyone is aware of the risk and searching for better answers in response to threats.
Among the strategies include (see p. 29) using proactive measures to deepen defenses (47%), protecting customer confidence and brand reputation (46%), fostering industry and regulatory compliance (39%), and preventing associated attacks such as ransomware (44%). Efforts like these are occurring across all types of businesses.
Collaboration by security professionals to help mitigate DDoS attacks is also rising (p. 30). IT teams are sharing threat information and/or adopting new technologies via several channels. These include engagement with security consultants (50%), participating in security consortiums (44%), directly exchanging insights with other companies (41%), proactively working with law enforcement to learn more about threat information (39%), and working with law enforcement as a result of a previous breach (37%).
So this is all good – right? Well … better, but not good. Despite awareness and efforts, organizations around the world are still getting hammered and impacted by DDoS attacks. In the real world of hard knocks, getting an “A” for effort is worthless if the results are bad. And the results, indeed, are very bad.
Consider the data reported by our respondents: 84% experienced at least one DDoS attack last year (up 15% from the year before). And 86% of those attacked had more than one DDoS event last year (p. 8).
Detection and response rates for DDoS attacks are abysmal and getting worse (see pp. 19-20). Attackers have learned how to tease defenses, probe network vulnerabilities and execute more lethal strikes.
The inability of organizations to detect DDoS attacks is so bad that they are learning they’ve been attacked from other sources – 40% from customers, 33% from business partners, and 4% from other third parties (p. 18). Globally, 51% of respondents attacked took at least three hours to definitively identify a DDoS attack (p. 19). Response times are equally dismal – 48% required three or more hours for mitigation (p. 20).
It’s not good when nearly half of those organizations attacked are inadvertently using their own customers as DDoS monitoring services, so clearly what’s in place is not enough. I recommend that you download our report here and carefully study the data. Understanding the risks, especially through the vicarious experience of others, is a way to improve your risk profile assessment and is a vital step forward in improving your DDoS defenses.
As your organization considers its commitment to DDoS prevention, Neustar urges you to look into approaches and strategies that fit your specific requirements. Layered and hybrid defense management, such as augmenting on-premises appliances with massive cloud resources, can enable a more effective defense against bigger and more complex DDoS attacks.