Nearly three-quarters of global brands and organizations suffered DDoS attacks in the past year, and nearly half of those were attacked at least six times, according to research released Tuesday by information services and analytics company Neustar. Once an organization has been attacked, there is an 82 percent chance it will be attacked again, The Threatscape Widens: DDoS Aggression and the Evolution of IoT Risks says.
For the third time Neustar surveyed over 1,000 IT professionals on 6 continents in April about DDoS attacks and prevention over the past year, and found that 57 percent of all attacks result in theft of customer data, finances, or intellectual property. Additionally, 45 percent report finding a virus or malware installed after an attack, creating a risk even before the next DDoS attack occurs. Corero released survey results recently which also showed a trend towards repeated DDoS attacks.
In response to this threat, 76 percent of companies have increased their DDoS protection investment since 2014, and nearly half of those attacked are sharing information through security consortiums, demonstrating a concerted effort to meet the continual security challenge.
“The findings of our most recent report are clear: attacks are unrelenting around the world but organizations are now recognizing DDoS attacks for what they are – an institutionalized weapon of cyber warfare – and so are protecting themselves,” Rodney Joffe, Head of IT Security Research at Neustar said in a statement.
Joffe urges dialogue throughout organizations about multi-layered cybersecurity, as DDoS attacks increasingly affect every department. “This should be a discourse that reaches from security through to marketing, as when a DDoS attack hits, the reverberations are felt like a domino effect throughout all departments,” he says.
The Internet of Things also poses a new potential threat vector, as 63 percent of those surveyed have IoT deployments, but only 34 percent have put IoT security measures in place. Predictably, therefore, attack rates were even higher for IoT adopters.
Hank Skorny, Neustar IoT expert, comments on security and IoT: “Although IoT is already here, the Internet was never built with security in mind; ease of use and convenience were paramount.”
A report released in March by NSS Labs showed that cybercriminals already have a poorly defended target vector in the application layer.
The most worrisome trend of all may be the tendency of companies to adopt technology before adopting the security that goes along with it. Expect to read more about IoT security products as unprotected organizations tally their losses.