DDoS attacks cost businesses $50,000 per attack but lost revenue is not the most damaging impact, according to new research from Corero Network Security.
The vendor polled over 320 cybersecurity professionals from a variety of sectors including financial services, cloud, government, and online gaming.
The vast majority said a single attack could lead to $50,000 worth of lost business, plus the cost of mitigating the attack itself and lost productivity.
Over two-thirds (69%) claimed they experience the equivalent of one attack every day, or 20-50 per month.
Interestingly, the immediate financial impact was not ranked as the most damaging effect of DDoS. Respondents were most concerned about loss of customer trust (78%) followed by IP theft, and then the threat of malware infection, with lost revenue down in fourth place.
“Not all DDoS attacks will cost an organisation $50,000, but having your website taken offline can damage customer trust and confidence,” argued Corero Network Security CEO, Ashley Stephenson.
“It will also impact the ability of sales teams to acquire new customers in increasingly competitive markets. These attacks cause lasting damage to a company’s reputation and could have negative consequences for customer loyalty, churn and corporate profits.”
A majority (85%) also claimed that DDoS attacks are used to distract the IT team while attackers attempt to steal data, while 71% said that attacks in the past have demanded they pay a ransom to call off.
Attacks are a greater concern than they have been in the past, primarily because of the volume of unsecured IoT devices around, according to 83% of respondents.
In January, researchers spotted a new Mirai variant targeting ARC processors said to be shipped in 1.5bn devices per year.
Earlier this month, another Mirai-like botnet, IoTrooper, was spotted launching DDoS attacks against several financial services firms in what was believed to be the first such campaign of its type since Mirai.