Overconfidence and underpreparedness in DDoS mitigation, and the dangers for European businesses


With DDoS attacks now making headlines regularly, the threat of being the next target is very much real for European businesses. The Mirai botnet of October 2016 is a perfect example. This prolific attack undermined the likes of Twitter, Amazon and the BBC, and highlights how cybercriminals are taking advantage of the increasing number of connected devices to carry out cyber-attacks en masse. The recent news of the Reaper botnet only adds more fuel to the fire, especially when it is rumoured to have the potential to cause more damage than its predecessor.

With cybercriminal sophistication growing, European businesses need to take DDoS mitigation seriously. We therefore took it upon ourselves to investigate the DDoS resilience of over 300 businesses in the UK and DACH. Businesses are naïve to the threat of DDoS attacks, and believe they are adequately prepared to withstand one on their website.

But reality paints a very different picture – and this overconfidence could be putting businesses in great danger.

Overconfidence in DDoS mitigation

Our research found that, on average, European businesses are spending £24,200 a year on DDoS mitigation, with a fifth of businesses investing more than £40,000 per annum. Not only has the majority of investment in DDoS mitigation technology taken place within the last two years, but 64% are also planning to invest more in the next 12 months. On the face of it, it seems that businesses are taking the threat of DDoS seriously, and are spending more on technology to stay protected.

It could be said that European businesses are investing more in DDoS mitigation technology because 79% rate the likelihood of their infrastructure being attacked as likely to almost certain. Yet despite rating the threat of an attack so highly, 83% of businesses stated they were confident, or very confident, in both their current DDoS mitigation and how resilient they will be in two years’ time.

Businesses’ self-assurance in DDoS mitigation therefore comes from the amount of investment, its recency and the likely increase in investment over the next 12 months.

Confidence or complacency?

In truth, this confidence in DDoS resilience isn’t universal, and a minority (44%) harbour some doubts about their preparedness and the amount they are investing in DDoS mitigation technologies.

And those with niggling doubts may actually be right. When asked about the frequency of attacks, 86% confirmed they had suffered a DDoS attack in the last 12 months. A staggering 8% had detected more than 50 attacks! Scarily, these attacks seem intentional too, with malicious attacks by competitors the most common assumption from businesses.

But to judge whether this confidence is in fact complacency, the number of attacks is immaterial; it is the number of successful attacks that is important. And our research shows 54% of businesses have suffered at least one successful DDoS attack in the last 12 months.

This complacency is only heightened when looking at how businesses see the severity of DDoS attacks: only 5% believe a DDoS attack would be catastrophic.

Staying protected against DDoS

The good news for businesses is that there are five steps they can take to ensure DDoS mitigation isn’t under-provisioned:

  1. Test DDoS vulnerability: The first step businesses should take is to perform a vulnerability test. This will identify where gaps lie in their system and network defences, how easily they could be exploited, and whether their DDoS mitigation is fit for purpose.
  2. Identify areas for investment: A vulnerability test will ultimately identify the services and technologies required to ensure they are protected, and how to fine-tune their use. With DDoS attacks growing in sophistication, the practical solution would be to use a cloud mitigation provider, as they will be able to ensure DDoS attacks are fully absorbed.
  3. Prepare for the worst: Regardless of confidence in DDoS mitigation, business continuity should be a key part of any DDoS plan. So aside from the technical requirements of duplicating information and ensuring that recovery time objectives and recovery point objectives match business needs, they need to make sure they identify the crisis team and any security partners immediately. Having a communications plan in place will also ensure partners, employees, customers and the media are kept informed if an attack takes place.
  4. Say no to ransom notes: In some instances, cybercriminals will demand a ransom before they cease a DDoS attack. If this happens, paying is not recommended – there is no guarantee the attacker will honour the commitment following payment, and once one payment has been made, there is a strong likelihood of them demanding even more money.
  5. Have insurance in place: The war between cybercriminals and businesses is an arms race, and in some instances, the cybercriminals will win. Having insurance policies in place can help if they do fall victim to a DDoS attack.

The threat of DDoS is real for European businesses, and having the tools and technology in place is key to ensuring cybercriminals don’t win the DDoS arms race. For more information on European businesses’ overconfidence in DDoS mitigation, you can download our report here.

For more information on how CDNetworks can help keep your website secure, please contact us.
