Although the motivation behind a distributed denial-of-service (DDoS) attack may vary, what’s increasingly common is where they are taking place. As enterprises ratchet up their use of cloud-based services, their cyber adversaries are attacking a shared infrastructure with negative effects for others. Thirty-five percent of service providers face at least one or more DDoS attack every week, according to the results of a new survey by DDoS mitigation vendor Black Lotus. It’s poll of 129 representatives at cloud service providers also found that 61 percent believe these attacks are a threat to their business.
Are you serious?
Are these service providers genuinely concerned about DDoS attacks damaging their businesses? It would seem so, as 92 percent said they have some manner of DDoS protection in place, or a strategy to deal with attacks as they occur.
“The majority of DDoS attacks are currently aimed at IT infrastructures rather than websites or applications. Vendors of cloud services represent the most common targets,” noted a report from Black Lotus outlining the survey results.
The report identified providers of managed hosting solutions, Voice over IP (VoIP), and platform-as-a-service (PaaS) being most affected, as they deal with DDoS attacks on a monthly or more basis. Sixty-four percent of the PaaS providers surveyed said they have been targeted by these attacks, as have 52% of infrastructure-as-a-service (IaaS) providers.
These findings are in lockstep with the results of a recent report on worldwide infrastructure security, which found that nearly two-thirds of those working in the data center industry faced DDoS attacks in the last year. Further, the study noted, the frequency of attacks against infrastructure providers continues to increase, with some data centers being targeted dozens of times a month.
DDoS also presents a genuine availability problem, yet availability of services is one of the value propositions offered by many cloud service providers. So it’s no surprise to see that most respondents said attacks resulted in increased operational expenses, with 85 percent of the providers admitting to some customer churn.
A recent survey by B2B International indicated that DDoS attacks do have a tangible impact on a businesses’ bottom line. It found that attacks cost large businesses an average of $444,000 in lost revenue and subsequent IT spending, whereas small-to-medium-sized businesses (SMBs) came in at an average of $52,000 per incident
“DDoS attacks will continue to grow in scale and severity thanks to increasingly powerful (and readily available) attack tools, the multiple points of Internet vulnerability and increased dependence on the Internet,” said Shawn Marck, co-founder and CSO of Black Lotus, in a press statement. “Enterprises have to move from thinking of DDoS as a possibility, to treating it as an eventuality.”