The recently released Dark Web Price Index 2020 reveals the current average prices for a selection of cybercrime products and services available “on demand.” A basic targeted malware attack in Europe or the US costs $300, while a targeted distributed denial-of-service (DDoS) attack goes for as little as $10 per hour or $60 for 24 hours. The “salespeople” even offer volume discounts, making such attacks the go-to weapon for online extortion.
According to Nexusguard’s Q1 2020 Threat Report, in the first quarter this year, DDoS attacks increased by more than 278% compared to Q1 2019, and by more than 542% compared to the previous quarter. According to Gartner research, the average cost of downtime for a small-to-midsize business is $5,600 per minute. The World Economic Forum’s “Global Risks Report 2020“ reveals that, in the United States, the chances of catching and prosecuting a cybercrime actor are almost nil (0.05%). At the same time, the impact on the targeted companies’ business is massive. IBM’s “Cost of a Data Breach Report” pegs the average cost of a security breach at $3.92 million.
Suffering a DDoS attack could be inevitable, especially if the business operates in a high-risk industry. Regardless of the solutions you implement, your company should incorporate a DDoS response procedure into your official business continuity plan. According to Ponemon Institute research, firms that can respond to a security incident quickly and contain the damage can save 26% or more on the total costs of the event cleanup.
‘’One reason why DDoS attacks are so inexpensive is that more and more people that offer DDoS-for-hire services are leveraging the scale and bandwidth of public clouds. With remote work becoming the new standard and with emphasis on home internet connectivity at an all time high, proper security measures to mitigate these attacks have never been more important,’’ says NordVPN Teams Chief Technology Officer Juta Gurinaviciute.
Without early threat detection and traffic profiling systems, it’s impossible to know a DDoS attack has occurred. In fact, you will only know about it when your website slows down or comes to a complete halt.
These attacks target data, applications, and infrastructure simultaneously to increase the chances of success. To fight them, an integrated security strategy protecting all infrastructure levels is necessary.