New research out from the cybersecurity team at Kaspersky Lab indicates that DDoS attacks are costly today — and getting more so by the minute. According to the report, SMBs can count on a price tag of around $120 thousand on the attack, while enterprise-level attacks generally come with about a $2 million cost.
That, according to the IT Security Risks Survey 2017, indicates that the price on these types of attacks has spiked over the last year — the $123K an SMB can expect to pay in the event of a distributed denial of service attack is up from the $106K cost in 2016. The bounce is bigger for enterprise-sized firms, climbing to $2.3M in 2017, on average — a full half-million more than those attacks cost a year ago.
And that’s just the money — Kaspersky notes that these figures can not count the “unquantifiable impacts” of an attack such as reputational damage, which can be quit costly in its own right. Just ask the team at Equifax.
As for the the non-financial burden of being DDoSed — a third of business note that the costs of fighting and restoring services is the main burden, and a quarter note that the biggest problem is time spent offline or using a back-up system. Reputation loss was logged as an issue about 22 percent of the time.
“DDoS attacks, both standalone or as part of an attack arsenal, can cost an organization thousands, if not millions — that’s without counting reputational damage and lost clients and partners as a result,” said Kirill Ilganaev, head of Kaspersky DDoS protection, Kaspersky Lab. “It is therefore wise to be aware of these threats and invest in their own protective measures in advance. It is also important to choose reliable specialized security solutions that are based on cybersecurity expertise and tailored to fight the most sophisticated DDoS attacks organizations face today.”
The report also indicated that while the attacks were becoming more costly and frequent, businesses still largely rely on third party protection — from their ISP, or data center/infrastructure partners. Additionally, 28 percent claim that it is unlikely that they will be targeted by a DDoS attack in general.