Disruptive cyber-attacks are becoming more effective at breaching security defences,causing major disruption and sometimes bringing down organisations for whole working days, according to a new global study from BT.
The research reveals that 41 per cent of organisations globally were hit by Distributed Denial of Service (DDoS) attacks over the past year, with three quarters of those (78 per cent) targeted twice or more in the year.
DDoS attacks are seen as a key concern by more than a quarter of Middle East organisations (27 per cent). Globally the worry is even greater, with more than twice as many organisations naming them a key concern (58 per cent).
The new study explores attitudes to and preparedness for DDoS attacks of IT managers from organisations in eleven countries and regions around the world. It reveals that despite the growing concern over the attacks, less than half of Middle East organisations (40 per cent) have a response plan in place should a DDoS attack occur. Two in ten Middle East IT decision makers (20 per cent) strongly believe they have sufficient resources in place to counteract an attack.
DDoS attacks can cause major disruption for organisations; they can take down an organisation’s website, overwhelm a datacentre or generally cause networks to grind to a halt and become unusable. They are also increasingly becoming more complex and difficult for organisations to fend off.
Almost six in ten (59 per cent) of those polled agree that DDoS attacks are becoming more effective at subverting their organisation’s IT security measures. Attackers are often adopting hybrid, or multi-vector, attack tactics which involve attacks through multiple platforms. These have increased by two fifths (41 per cent) during the past year.
Multi-vector attacks pose increased complexity and risk as they involve multiple attack methods deployed simultaneously. These often require a dedicated mitigation team to track and combat the threat across multiple fronts, as automated systems are less likely to be able to offer adequate protection.
Mark Hughes, president of BT Security, explained: “DDoS attacks have evolved significantly in the last few years and are now a legitimate business concern. They can have a damaging effect on revenues and send an organisation into full crisis mode. Reputations, revenue and customer confidence are on the line following a DDoS attack. Finance, e-commerce companies and retailers in particular suffer when their websites or businesses are targeted.”
Unsurprisingly, organisations see an increase in customer complaints when their network systems go down after a DDoS attack. Respondents said customer complaints and queries jumped by an average of 36 per cent.
The impact that DDoS attacks can have on organisations is felt in the length of time it has taken organisations to recover from their most severe attack. On average, organisations take 12 hours to fully recover from an especially powerful attack – longer than an entire working day. In the Middle East, the vast majority of IT decision makers (83 per cent) admit that DDoS attacks have bought down their systems for more than six hours – almost a full working day.
Mark Hughes adds: “The most efficient way to protect against the attack is raising awareness among employees and partnering with a trusted and capable supplier. At BT, we are working with leading global organisations to help them mitigate risks and put in place proactive defences. It is only when security is optimised that organisations are able to harness the possibilities of today’s connected world.”