Distributed Denial of Service (DDoS) attacks are becoming more prolific and pervasive, with one in four IT, telecoms and financial services companies experiencing an attack in the past 12 months alone, according to a new survey conducted by Kaspersky Lab and B2B International.
The survey also found that while just under half (47% ) of financial businesses accept that they are prime targets, IT and telecoms companies don’t think they are any more at risk than other sectors, which could be leaving them vulnerable when it comes to IT security.
Overall, a third of companies (36%) believe they are likely targets for a DDoS attack, increasing only slightly for IT (40%) and telecoms businesses (38%).
One in six (16%) of those surveyed has actually been hit, but this figure rises to one in four for companies in the IT (21%), financial services (22%) and telecoms (24%) sectors, the survey shows.
DDoS attacks have become one of the most popular weapons in the cybercriminal arsenal, used to extort money, disrupt operations or damage reputations, and also to distract attention from another cyber-attack being carried out at the same time, Kaspersky Labs says.
Nearly 75% of businesses have said that DDoS attacks against their companies corresponded with other security incidents, according to the company.
However, the study shows that many companies lack awareness of DDoS and are unsure about how to stop them or limit their impact.
Only 52% of companies feel well-informed about DDoS attacks and just 53% know how to prevent or mitigate them, rising to 61% of those in financial services and telecoms.
Evgeny Vigovsky, Kaspersky Lab head of DDoS Protection, says, “As the recent DDoS attacks on telecoms companies and banks reveal, businesses in these sectors represent prime targets for DDoS attackers.
“In some cases, DDoS attacks are a smokescreen for the cyber-theft or result in exorbitant ransom demands. That is why vulnerable sectors need to be extra-vigilant about security and be ready to deal with DDoS attacks.
“They need to build their understanding of the threat and choose the best protection against it. The days of DDoS attacks being an operational frustration that just resulted in some downtime are long over.”