Companies are doing something about DDoS but it’s not enough
One very positive aspect of data you can find in Neustar’s 2017 Worldwide DDoS Attacks and Cyber Insights Research Report shows that 99% of organizations are committed to implementing at least one thing to combat DDoS attacks. And 90% of the companies surveyed say they plan to invest more (p. 28) in order to protect themselves from an attack. So pretty much everyone is aware of the risk and they're searching for better answers in response to the growing global threats.
Among the strategies include (see p. 29) using proactive measures to deepen their defenses (47%), protecting customer confidence and brand reputation (46%), fostering industry and regulatory compliance (39%), and preventing associated attacks such as ransomware (44%). Efforts like these are occurring across all types of businesses.
Collaboration by security professionals to help mitigate DDoS attacks is also rising (p. 30). IT teams are sharing threat information and/or adopting new technologies via several channels. These include engagement with security consultants (50%), participating in security consortiums (44%), directly exchanging insights with other companies (41%), proactively working with law enforcement to learn more about threat information (39%), and working with law enforcement as a result of a previous breach (37%).
So this is all good – right? Well … better, but it's still not quite good enough. Despite awareness and efforts, organizations around the world are still getting hammered and impacted by DDoS attacks. In the real world of hard knocks, getting an “A” for effort is worthless if the results are bad. And the results as you can see in the report, indeed, are very bad.
Consider the data reported by our respondents: 84% of the companies experienced at least one DDoS attack last year (that's an increase of 15% from the year before). And 86% of those attacked had more than one DDoS event last year (p. 8).
Detection and response rates for DDoS attacks are abysmal and getting worse (see pp. 19-20). Attackers have learned how to tease defenses, probe network vulnerabilities and execute more lethal strikes.
The inability of organizations to detect DDoS attacks is so bad that they are learning they’ve been attacked from other sources – 40% from customers, 33% from business partners, and 4% from other third parties (p. 18). Globally, 51% of respondents attacked took at least three hours to definitively identify a DDoS attack (p. 19). Response times are equally dismal – 48% required three or more hours for mitigation (p. 20), which is far longer than it should be or needs to be.
It’s not good when nearly half of those organizations attacked are inadvertently using their own customers as DDoS monitoring services, so clearly what’s in place is not good enough to meet the demands of fighting off a modern attack. I recommend that you download our report here and carefully study the data. Understanding the risks, especially through the vicarious experience of others, is a way to improve your risk-profile assessment and is a vital step forward in improving your DDoS defenses.
As your organization considers its commitment to DDoS prevention, Neustar urges you to look into approaches and strategies that fit your specific requirements. Layered and hybrid defense management, such as augmenting on-premises appliances with massive cloud resources, can enable a more effective defense against bigger and more complex DDoS attacks.