SlideShare una empresa de Scribd logo
1 de 13
THE COST
OF DDOS ATTACK:
Risk assessment, mitigation
and protection for businesses
AGENDA
What is DDoS?
Attack methods and common scenarios
Risk assessment
The impact and cost of DDoS attacks
DDoS as a cover-up for other attacks
Prevention and mitigation
DDoS protection
THE COST OF DDOS ATTACK · 2
http://media.kaspersky.com/en/business-security
/enterprise/DDoS_Protection_White_Paper.pdf
THE COST OF DDOS ATTACK · 3
WHAT IS DDOS?
A Distributed Denial of Service (DDoS)
attack is one of the most popular weapons
in the cybercriminals’ arsenal. It aims to
make information systems such as websites
or databases impossible for regular users to
access normally.
There can be different motives behind
launching DDoS attacks, ranging from
cyber-hooliganism to dirty competition
practices or even extortion.
THE COST OF DDOS ATTACK · 4
DDOS ATTACK METHODS
VOLUMETRIC ATTACKS
These attacks are increasingly common. By generating traffic levels that exceed
the target business’s available bandwidth, the attack saturates the capacity of the
victim’s corporate Internet connection – and that disables or delays all online
activities.
APPLICATION LAYER ATTACKS
Application layer attacks try to crash the servers that are running vital applications
– such as the web servers that the victim’s online presence depends on.
OTHER INFRASTRUCTURE ATTACKS
Attacks that aim to disable network equipment and / or server operating systems
can totally halt the operation of key business processes.
HYBRID ATTACKS
Cybercriminals also launch complex attacks that combine several methods –
including volumetric, application layer and infrastructure attack techniques.
http://media.kaspersky.com/kaspersky-ddos-protection-data-sheet.pdf
2. Launching a DDoS amplification attack through publicly available
servers containing software vulnerabilities
Under the second scenario involving an amplification attack, servers
leased out from a data center can be used instead of bots. Public
servers with vulnerable software are typically used for enhancement.
Today, either DNS (domain name system) servers or NTP (network
time protocol) servers can be used. An attack is amplified by spoof-
ing return IP addresses and sending a short request to a server that
requires a much longer response. The received response is sent to
the spoofed IP address which belongs to the victim.
TWO COMMON DDOS ATTACK SCENARIOS
http://media.kaspersky.com/en/business-security/DDoS-Protection-White-Paper.pdf
THE COST OF DDOS ATTACK · 5
1. Sending requests directly to the attacked
resource from a large number of bots.
In this scenario, cybercriminals turn
a multitude of computers into
remotely controlled “zombies”
which then follow the master’s
command and simultaneously send
requests to the victim computing
system (conduct a “distributed
attack”)
The top three industries
most likely to suffer from
a DDoS attack are:
telecoms, financial
services and IT.
BUSINESSES AT RISK
A DDoS attack is most likely to last for several hours.
But 6% of businesses reported attacks that latest a
week, resulting in a severe impediment of services.
CUSTOMER PORTAL/LOGIN AREA
COMMUNICARIONS SERVICES
PUBLIC WEBSITE
TRANSACTIONAL SERVICES
FILE SERVERS
LESS THAN 10 MINUTES 10,1%
IT/TELECOM
24%
FINANCIAL SERVICES
21%
CONSTRUCTION AND ENGINEERING
20%
41%
40%
39%
29%
26%
THE COST OF DDOS ATTACK · 6
29,1%
37,9%
14,3%
6,1%
0,5%
1,9%
10 MINUTES TO AN HOUR
SEVERAL HOURS
A FULL DAY
2 DAYS TO A WEEK
SEVERAL WEEKS OR LONGER
DON’T KNOW/CANNOT SAY
The top three types of
infrastructure targeted are:
public websites, the limited
access customer portal,
general communications
infrastructure
UNDERSTANDING
THE IMPACT
The direct financial costs of recovering from a DDoS attack can be massive regardless of industry
– lost business opportunities, reputational risks and many other things.
https://www.kaspersky.com/small-to-medium-business-security/ddos-protection
THE COST OF DDOS ATTACK · 7
Failed sales
transactions during
downtime periods
Negative publicity that
dissuades existing
customers and
potential clients
Failed transactions
with possible
penalties
Damage to your
business brand that
could take years to
recover from
Direct
financial costs
Your own team
needs reliable
access to key
services
http://newsroom.kaspersky.eu/en/texts/detail/article/lose-a-fortune-one-ddos-attack-can-cost-a-company-over-16m/
http://newsroom.kaspersky.eu/fileadmin/user_upload/en/Campaign/KESB_2013/Pdfs/20160930_Press_Release_DDoS_cost_ENG_Final.pdf
THE COST OF DDOS ATTACKS
The average cost of a DDoS attack is $106,000 for smaller
companies and more than $1.6 million for enterprises
BIGGEST EXPENSES ASSOCIATED WITH DDOS ATTACK:
If an attack is detected in the first 24 hours,
the costs can be almost halved, compared
to an attack detected over a day later.
THE COST OF DDOS ATTACK · 8
CHANGES TO THE
CREDIT RATINGS
CHANGES TO THE
INSURANCE RATINGS
OVERTIME PAYMENTS
TO EMPLOYEES
10%
STAFF TRAINING
10%
PR EXPENSES TO RESTORE A COMPANY’S REPUTATION
9%
19%
Medium and Large Companies
20%
Small Companies
17%
OTHER MAJOR DDOS-RELATED COSTS
CUSTOMER COMPESATION
12%
UPGRADING IT INFRASTRUCTURE AND SOFTWARE
THE COST OF DDOS ATTACK · 9
REPUTATION DAMAGE
DUE TO CUSTOMERS’
MISCONCEPTION
https://www.kaspersky.com/small-to-medium-business-security/ddos-protection
If your business is subjected to a DDoS attack, it could also suffer
additional losses that result from misconceptions about exactly
what a DDoS attack is – and how it could affect your customers.
Even though DDoS attacks are unlikely to have any effect on your
customers’ security, can you be sure your customers will
understand this?
Whenever customers hear about a ‘security incident’ – any
security incident – some may fear that their confidential
information, bank details and credit card numbers could be at risk.
Even though these fears may be totally illogical – and stem from
customers’ misunderstandings about the nature of DDoS attacks –
your business could still suffer.
THE COST OF DDOS ATTACK · 10
Audit IoT devices within
your infrastructure
Change any default settings
(especially common in medium
and small companies using
consumer-level routers)
https://securelist.com/analysis/quarterly-malware-reports/76464/kaspersky-ddos-intelligence-report-for-q3-2016/
https://business.kaspersky.com/iot-ddos/6210/
Enable secure passwords
everywhere
THE INTERNET OF THINGS AS A DDOS TOOL
The Internet of Things (IoT) is increasingly becoming a powerful tool for attackers,
facilitated by the neglect for information security both on the part of vendors and users.
HOW TO STAY PROTECTED
http://usa.kaspersky.com/about-us/press-center/press-releases/2016/
Research_Reveals_Hacker_Tactics_Cybercriminals_Use_DDoS_as_Smokescreen_for_Other_Attacks_on_Businesses
THE COST OF DDOS ATTACK · 11
“DDoS can be used not only
as an easy way to stop the
activity of a company, but
also as a decoy to distract IT
staff from another intrusion
taking place through other
channels.”
KIRILL ILGANAEV,
Head of Kaspersky DDoS
Protection at Kaspersky Lab
56%
87%
29%
26%
of businesses questioned are confident that DDoS has been
used as a smokescreen for other kinds of cybercrime
of these business respondents reported that they
had also been the victim of a targeted attack.
of businesses that suffered from cybercrime said that
DDoS has often been part of the attack tactics
businesses that have suffered data loss as a result of a targeted
attack, named DDoS as one of the contributing vectors
USING DDOS ATTACKS AS A SMOKESCREEN
DDoS attacks are sometimes used by cybercriminals to distract
businesses while hackers sneak in through the back door.
ACCORDING TO 2016 KASPERSKY LAB CORPORATE IT SECURITY RISKS SURVEY
16% OF COMPANIES DO NOT USE ANTI-DDOS PROTECTION
https://www.kaspersky.com.au/small-to-medium-business-security/ddos-protection
THE COST OF DDOS ATTACK · 12
To ensure your business is adequately defended
against DDoS attacks, you need a DDoS attack
prevention solution that helps you to:
Detect any new attack as rapidly as possible
so you can defend your business very soon
after the hacker launches the attack.
Mitigate the effects of the attack as rapidly
as possible to help minimize – or totally
prevent – any disruption to the normal
business activities
DDOS PREVENTION AND MITIGATION
A GOOD ANTI-DDOS STRATEGY WILL HELP
Minimize downtime for business-critical
infrastructure & processes
Ensure customers can continue to
access online services
Maintain productivity for employees
Minimize reputational damage
DDOS PROTECTION
– STAY SAFE
WITH KASPERSKY LAB
Discover how Kaspersky Lab
defends businesses against DDoS attacks

Más contenido relacionado

Destacado

Hiroshima University Information Security & Compliance 2017
Hiroshima University Information Security & Compliance 2017Hiroshima University Information Security & Compliance 2017
Hiroshima University Information Security & Compliance 2017imc-isec-comp
 
Ransomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware ThreatRansomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware ThreatEric Vanderburg
 
02 Legal, Ethical, and Professional Issues in Information Security
02 Legal, Ethical, and Professional Issues in Information Security02 Legal, Ethical, and Professional Issues in Information Security
02 Legal, Ethical, and Professional Issues in Information Securitysappingtonkr
 
The State Of Information and Cyber Security in 2016
The State Of Information and Cyber Security in 2016The State Of Information and Cyber Security in 2016
The State Of Information and Cyber Security in 2016Shannon G., MBA
 
Zika Virus: An Emerging Arboviral Threat of 2016
Zika Virus: An Emerging Arboviral Threat of 2016Zika Virus: An Emerging Arboviral Threat of 2016
Zika Virus: An Emerging Arboviral Threat of 2016Ruchi Pancholy, REHS
 
Tackling the cyber security threat (2016 - v1.0)
Tackling the cyber security threat (2016 - v1.0)Tackling the cyber security threat (2016 - v1.0)
Tackling the cyber security threat (2016 - v1.0)Rui Miguel Feio
 
The New Threat on Campus: Ransomware Locks Down Education
The New Threat on Campus: Ransomware Locks Down EducationThe New Threat on Campus: Ransomware Locks Down Education
The New Threat on Campus: Ransomware Locks Down EducationCode42
 
Protecting Against Ransomware
Protecting Against RansomwareProtecting Against Ransomware
Protecting Against RansomwareSymantec
 
Information Security It's All About Compliance
Information Security   It's All About ComplianceInformation Security   It's All About Compliance
Information Security It's All About ComplianceDinesh O Bareja
 
Phishing Forensics - SnowFROC - Denver Chapter of OWASP
Phishing Forensics - SnowFROC - Denver Chapter of OWASP Phishing Forensics - SnowFROC - Denver Chapter of OWASP
Phishing Forensics - SnowFROC - Denver Chapter of OWASP Frank Victory
 

Destacado (10)

Hiroshima University Information Security & Compliance 2017
Hiroshima University Information Security & Compliance 2017Hiroshima University Information Security & Compliance 2017
Hiroshima University Information Security & Compliance 2017
 
Ransomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware ThreatRansomware: 2016's Greatest Malware Threat
Ransomware: 2016's Greatest Malware Threat
 
02 Legal, Ethical, and Professional Issues in Information Security
02 Legal, Ethical, and Professional Issues in Information Security02 Legal, Ethical, and Professional Issues in Information Security
02 Legal, Ethical, and Professional Issues in Information Security
 
The State Of Information and Cyber Security in 2016
The State Of Information and Cyber Security in 2016The State Of Information and Cyber Security in 2016
The State Of Information and Cyber Security in 2016
 
Zika Virus: An Emerging Arboviral Threat of 2016
Zika Virus: An Emerging Arboviral Threat of 2016Zika Virus: An Emerging Arboviral Threat of 2016
Zika Virus: An Emerging Arboviral Threat of 2016
 
Tackling the cyber security threat (2016 - v1.0)
Tackling the cyber security threat (2016 - v1.0)Tackling the cyber security threat (2016 - v1.0)
Tackling the cyber security threat (2016 - v1.0)
 
The New Threat on Campus: Ransomware Locks Down Education
The New Threat on Campus: Ransomware Locks Down EducationThe New Threat on Campus: Ransomware Locks Down Education
The New Threat on Campus: Ransomware Locks Down Education
 
Protecting Against Ransomware
Protecting Against RansomwareProtecting Against Ransomware
Protecting Against Ransomware
 
Information Security It's All About Compliance
Information Security   It's All About ComplianceInformation Security   It's All About Compliance
Information Security It's All About Compliance
 
Phishing Forensics - SnowFROC - Denver Chapter of OWASP
Phishing Forensics - SnowFROC - Denver Chapter of OWASP Phishing Forensics - SnowFROC - Denver Chapter of OWASP
Phishing Forensics - SnowFROC - Denver Chapter of OWASP
 

Último

Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Zilliz
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityWSO2
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 

Último (20)

Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 

The Cost of DDoS Attack: Risk Assessment, Mitigation and Protection for Businesses

  • 1. THE COST OF DDOS ATTACK: Risk assessment, mitigation and protection for businesses
  • 2. AGENDA What is DDoS? Attack methods and common scenarios Risk assessment The impact and cost of DDoS attacks DDoS as a cover-up for other attacks Prevention and mitigation DDoS protection THE COST OF DDOS ATTACK · 2
  • 3. http://media.kaspersky.com/en/business-security /enterprise/DDoS_Protection_White_Paper.pdf THE COST OF DDOS ATTACK · 3 WHAT IS DDOS? A Distributed Denial of Service (DDoS) attack is one of the most popular weapons in the cybercriminals’ arsenal. It aims to make information systems such as websites or databases impossible for regular users to access normally. There can be different motives behind launching DDoS attacks, ranging from cyber-hooliganism to dirty competition practices or even extortion.
  • 4. THE COST OF DDOS ATTACK · 4 DDOS ATTACK METHODS VOLUMETRIC ATTACKS These attacks are increasingly common. By generating traffic levels that exceed the target business’s available bandwidth, the attack saturates the capacity of the victim’s corporate Internet connection – and that disables or delays all online activities. APPLICATION LAYER ATTACKS Application layer attacks try to crash the servers that are running vital applications – such as the web servers that the victim’s online presence depends on. OTHER INFRASTRUCTURE ATTACKS Attacks that aim to disable network equipment and / or server operating systems can totally halt the operation of key business processes. HYBRID ATTACKS Cybercriminals also launch complex attacks that combine several methods – including volumetric, application layer and infrastructure attack techniques. http://media.kaspersky.com/kaspersky-ddos-protection-data-sheet.pdf
  • 5. 2. Launching a DDoS amplification attack through publicly available servers containing software vulnerabilities Under the second scenario involving an amplification attack, servers leased out from a data center can be used instead of bots. Public servers with vulnerable software are typically used for enhancement. Today, either DNS (domain name system) servers or NTP (network time protocol) servers can be used. An attack is amplified by spoof- ing return IP addresses and sending a short request to a server that requires a much longer response. The received response is sent to the spoofed IP address which belongs to the victim. TWO COMMON DDOS ATTACK SCENARIOS http://media.kaspersky.com/en/business-security/DDoS-Protection-White-Paper.pdf THE COST OF DDOS ATTACK · 5 1. Sending requests directly to the attacked resource from a large number of bots. In this scenario, cybercriminals turn a multitude of computers into remotely controlled “zombies” which then follow the master’s command and simultaneously send requests to the victim computing system (conduct a “distributed attack”)
  • 6. The top three industries most likely to suffer from a DDoS attack are: telecoms, financial services and IT. BUSINESSES AT RISK A DDoS attack is most likely to last for several hours. But 6% of businesses reported attacks that latest a week, resulting in a severe impediment of services. CUSTOMER PORTAL/LOGIN AREA COMMUNICARIONS SERVICES PUBLIC WEBSITE TRANSACTIONAL SERVICES FILE SERVERS LESS THAN 10 MINUTES 10,1% IT/TELECOM 24% FINANCIAL SERVICES 21% CONSTRUCTION AND ENGINEERING 20% 41% 40% 39% 29% 26% THE COST OF DDOS ATTACK · 6 29,1% 37,9% 14,3% 6,1% 0,5% 1,9% 10 MINUTES TO AN HOUR SEVERAL HOURS A FULL DAY 2 DAYS TO A WEEK SEVERAL WEEKS OR LONGER DON’T KNOW/CANNOT SAY The top three types of infrastructure targeted are: public websites, the limited access customer portal, general communications infrastructure
  • 7. UNDERSTANDING THE IMPACT The direct financial costs of recovering from a DDoS attack can be massive regardless of industry – lost business opportunities, reputational risks and many other things. https://www.kaspersky.com/small-to-medium-business-security/ddos-protection THE COST OF DDOS ATTACK · 7 Failed sales transactions during downtime periods Negative publicity that dissuades existing customers and potential clients Failed transactions with possible penalties Damage to your business brand that could take years to recover from Direct financial costs Your own team needs reliable access to key services
  • 8. http://newsroom.kaspersky.eu/en/texts/detail/article/lose-a-fortune-one-ddos-attack-can-cost-a-company-over-16m/ http://newsroom.kaspersky.eu/fileadmin/user_upload/en/Campaign/KESB_2013/Pdfs/20160930_Press_Release_DDoS_cost_ENG_Final.pdf THE COST OF DDOS ATTACKS The average cost of a DDoS attack is $106,000 for smaller companies and more than $1.6 million for enterprises BIGGEST EXPENSES ASSOCIATED WITH DDOS ATTACK: If an attack is detected in the first 24 hours, the costs can be almost halved, compared to an attack detected over a day later. THE COST OF DDOS ATTACK · 8 CHANGES TO THE CREDIT RATINGS CHANGES TO THE INSURANCE RATINGS OVERTIME PAYMENTS TO EMPLOYEES 10% STAFF TRAINING 10% PR EXPENSES TO RESTORE A COMPANY’S REPUTATION 9% 19% Medium and Large Companies 20% Small Companies 17% OTHER MAJOR DDOS-RELATED COSTS CUSTOMER COMPESATION 12% UPGRADING IT INFRASTRUCTURE AND SOFTWARE
  • 9. THE COST OF DDOS ATTACK · 9 REPUTATION DAMAGE DUE TO CUSTOMERS’ MISCONCEPTION https://www.kaspersky.com/small-to-medium-business-security/ddos-protection If your business is subjected to a DDoS attack, it could also suffer additional losses that result from misconceptions about exactly what a DDoS attack is – and how it could affect your customers. Even though DDoS attacks are unlikely to have any effect on your customers’ security, can you be sure your customers will understand this? Whenever customers hear about a ‘security incident’ – any security incident – some may fear that their confidential information, bank details and credit card numbers could be at risk. Even though these fears may be totally illogical – and stem from customers’ misunderstandings about the nature of DDoS attacks – your business could still suffer.
  • 10. THE COST OF DDOS ATTACK · 10 Audit IoT devices within your infrastructure Change any default settings (especially common in medium and small companies using consumer-level routers) https://securelist.com/analysis/quarterly-malware-reports/76464/kaspersky-ddos-intelligence-report-for-q3-2016/ https://business.kaspersky.com/iot-ddos/6210/ Enable secure passwords everywhere THE INTERNET OF THINGS AS A DDOS TOOL The Internet of Things (IoT) is increasingly becoming a powerful tool for attackers, facilitated by the neglect for information security both on the part of vendors and users. HOW TO STAY PROTECTED
  • 11. http://usa.kaspersky.com/about-us/press-center/press-releases/2016/ Research_Reveals_Hacker_Tactics_Cybercriminals_Use_DDoS_as_Smokescreen_for_Other_Attacks_on_Businesses THE COST OF DDOS ATTACK · 11 “DDoS can be used not only as an easy way to stop the activity of a company, but also as a decoy to distract IT staff from another intrusion taking place through other channels.” KIRILL ILGANAEV, Head of Kaspersky DDoS Protection at Kaspersky Lab 56% 87% 29% 26% of businesses questioned are confident that DDoS has been used as a smokescreen for other kinds of cybercrime of these business respondents reported that they had also been the victim of a targeted attack. of businesses that suffered from cybercrime said that DDoS has often been part of the attack tactics businesses that have suffered data loss as a result of a targeted attack, named DDoS as one of the contributing vectors USING DDOS ATTACKS AS A SMOKESCREEN DDoS attacks are sometimes used by cybercriminals to distract businesses while hackers sneak in through the back door. ACCORDING TO 2016 KASPERSKY LAB CORPORATE IT SECURITY RISKS SURVEY
  • 12. 16% OF COMPANIES DO NOT USE ANTI-DDOS PROTECTION https://www.kaspersky.com.au/small-to-medium-business-security/ddos-protection THE COST OF DDOS ATTACK · 12 To ensure your business is adequately defended against DDoS attacks, you need a DDoS attack prevention solution that helps you to: Detect any new attack as rapidly as possible so you can defend your business very soon after the hacker launches the attack. Mitigate the effects of the attack as rapidly as possible to help minimize – or totally prevent – any disruption to the normal business activities DDOS PREVENTION AND MITIGATION A GOOD ANTI-DDOS STRATEGY WILL HELP Minimize downtime for business-critical infrastructure & processes Ensure customers can continue to access online services Maintain productivity for employees Minimize reputational damage
  • 13. DDOS PROTECTION – STAY SAFE WITH KASPERSKY LAB Discover how Kaspersky Lab defends businesses against DDoS attacks