Corporate data is increasingly under threat from distributed denial of service (DDoS) attacks, which have risen by 33 per cent, according to Kaspersky Labs. The security firm's Global IT Security Risks Survey 2017 found that one-third of companies were attacked in 2017, double the amount in 2016, while half of the companies claimed that the frequency and complexity of DDoS attacks targeting organizations like theirs is growing every year.
DDoS used to target corporate data
The survey's report stated: “Cybercriminals are increasingly using DDoS attacks as a way to gain access to valuable and lucrative corporate data, and not just to cripple a victim’s services. This rapid development in the cyberthreat landscape has meant that all businesses are potential DDoS attack targets – from very small businesses through to enterprises.”
The attacks show no sign of slowing down and this highlights the importance of increased awareness and protection against DDoS attacks. DDoS attacks cause significant business disruption. More than a quarter (26 per cent) of the organisations that have been hit by DDoS attacks reported a significant decrease in performance of services, and 14 per cent said there was a failure of transactions and processes on affected services.
DDoS attacks used as smokescreen
As well as causing immediate and visible operational issues, many companies also claim that DDoS attacks are being used to cover-up other types of incident – leading to severe financial and reputational damage. In the first half of 2017, over half of those respondents affected by a DDoS attack (53 per cent) claimed that it was used as a smokescreen to hide other types of attack such as malware infection, data leak/theft, network intrusion/hacking or financial theft.
Kaspersky Lab's Kirill Ilganaev said: “The threat of being hit by a DDoS attack – either standalone or as part of a greater attack arsenal – is showing no signs of diminishing. It’s not a case of if an organisation will be hit, but when. With the problem growing and affecting every type and size of company, it is important for organizations to protect their IT infrastructure from being infiltrated and keep their data safe from attack. Working with the right partner will ensure that companies can cope with all levels and complexities of DDoS incident, as the attacks only continue to get stronger and more sophisticated.”
CTMFile take: Companies should be holding cross-department discussions about IT measures that need to be taken to prevent or mitigate the risk of DDoS attacks and response plans should be in place to deal with a possible DDoS scenario.
Vital cybersecurity and data-security insights for CYA
Equifax hearing reveals some ideas for data security, but should you be worrying about your competitors and under reporting
Fraud bad news keeps on coming: the simple structures and processes to protect you
CIFAS: UK Identity fraud at epidemic levels; Symantec: major security breaches record; BELLIN: simple structures and processes that protect the corporate treasury department
Are your payments safe from these 8 cyber risks?
Do you know the eight types of cybercrime that could affect your payments and financial operations? An EPC report gives some detailed analysis on how to mitigate cyber fraud risks