A recent survey of 4,000 representatives of businesses in 25 countries found that 16 percent of respondents are not protected from DDoS attacks at all, and 39 percent admit that they’re unclear on how best to combat DDoS attacks.
The 2016 Kaspersky Lab Corporate IT Security Risks survey also found that 49 percent of respondents rely on built-in hardware for protection from DDoS attacks, and 40 percent assume that their ISP will provide protection from DDoS attacks.
Twelve percent of respondents believe a small amount of downtime due to a DDoS attack would not cause a major issue for their company.
“As we’ve seen with the recent attacks, DDoS is extremely disruptive, and on the rise,” Kirill Ilganaev, head of DDoS protection at Kaspersky Lab, said in a statement.
“When hackers launch a DDoS attack, the damage can be devastating for the business that’s being targeted because it disables a company’s online presence,” Ilganaev added. “As a result, business workflow comes to a halt, mission-critical processes cannot be completed and reputations can be ruined.”
According to Verisign’s Q3 2016 DDoS Trends Report, fully 81 percent of DDoS attacks in the third quarter of last year peaked over 1 Gbps, and 30 percent peaked over 5 Gbps.
The average peak attack size surged by 82 percent year over year from 7.03 Gbps in Q3 2015 to 12.78 Gbps in Q3 2016.
The largest attack in Q3 2016 used the Generic Routing Encapsulation (GRE) protocol and peaked at 250+ Gbps and 50+ Mpps.
Fifty-nine percent of attacks used multiple attack types, making them more challenging to mitigate. Fourteen percent used five or more attack types.
The top three industries targeted by DDoS attacks in the third quarter of last year were IT services/cloud/SaaS (37 percent of attacks), financial services (29 percent), and the public sector (12 percent).