Radware DDoS Report: Encrypted Attacks, Costs for Businesses Soar

A new survey by security specialist Radware suggests the financial cost of a single successful cyberattack climbed to an average of $1.1 million (£857,000) in 2018, up a hefty 52 percent from the previous year’s survey.

Tel Aviv-headquartered DDoS mitigation specialist Radware surveyed 790 individual respondents for the report, with 28 percent having revenue of over $1 billion and those surveyed having an average of 4,300 employees.

Radware DDoS reportIn a 64-page report dubbed “The Trust Factor: Cybersecurity’s Role in Sustaining Business Momentum” the company also pointed to a 62 percent increase in the number of companies being attacked daily (20 percent).

Among the report’s other key takeaways: a 13 percent rise in the number of organisations experiencing encrypted DDoS attacks.

As the company’s researchers put it: “These attacks required high-capacity resources to mitigate… Detecting and mitigating attacks in encrypted traffic was a challenge for organizations on different levels.”

Read this: BBC Wants Top of the Range DDoS Protection, Waves £500k Cheque

Typically DDoS attacks cause traffic floods that congest the capacity of the targeted network or server and prevent legitimate users from accessing them.

While traditionally these floods were generated at the network level (Layers 3–4 of the OSI model — UDP/TCP Floods), in 2017, the application layer emerged as the preferred vector. In 2018, the application layer is still a target, Radware noted, but network-layer DDoS attacks are back on the rise, growing 12 percent year over year.

Radware’s researchers noted: “The greatest impact of cyberattacks is clogging the internet pipe, followed by crashing servers if attacks are not mitigated at the perimeter or firewall. Firewalls are third on the list, as they —together with IPSs and ADCs — are stateful devices that, by design, cannot withstand a DDoS attack since their connection tables are quickly filled.”

The company added: “Radware sees a decrease in small-scale attacks and a shift toward larger volumes across the board. The use of extra-large attacks (above 10Gbps) that can saturate most of the internet pipes globally have almost doubled in 2018.”

Radware DDoS Report: “Motive Unknown”?

In 2018, 78 percent of DDoS attacks resulted in service degradation or a complete outage, compared to 68 percent in 2017.

Beyond such Distributed Denial of Service Attacks, as massive 93 percent of respondents experienced a cyberattack in the past 12 months. Curiously, while the motivations for attacks remained fairly consistent year over year, the responses for “motive unknown” almost tripled in 2018.

Radware said believes it is becoming “harder for organisations to distinguish malicious traffic from legitimate traffic as a result of growing incidences and evasive disguise tactics.”

DDoS mitigation services like those from Radware, NETSCOUT, Akamai and Cloudflare typically funnel the traffic attacking their client to “scrubbing” data centres to weed out and block malicious packets. They can be based on-prem, in the cloud or be hybridDDo

See also: Hipster Hackers turning to Retro Protocols for DDoS Attacks

 

The post Radware DDoS Report: Encrypted Attacks, Costs for Businesses Soar appeared first on Computer Business Review.