Kaspersky: DDoS Attack Can Cost a Company More Than $400K

Written by Dan Kobialka 1
January 30, 2015

How much does an average distributed denial-of-service (DDoS) attack cost a business? Kaspersky Lab and B2B International researchers recently examined the cost and impact of DDoS attacks, and here's a closer look at their findings.

How much does an average distributed denial-of-service (DDoS) attack cost a business? A new Kaspersky Lab and B2B International study revealed an average DDoS attack can cost a company between $52,000 and $444,000, depending on the business’ size.

Also, study researchers found that a DDoS attack can damage a company’s reputation due to loss of access to online resources for partners and customers.

Other study results included:

72 percent of DDoS victims said they disclosed information about a DDoS attack on their resources. 43 percent told their customers about an incident, 36 percent reported to representatives of a regulatory authority and 26 percent spoke to the media.
61 percent of DDoS victims said they temporarily lost access to critical business information, 38 percent were unable to carry out their core business and 33 percent reported the loss of business opportunities and contracts.
In 29 percent of DDoS incidents, a successful attack had a negative impact on the company’s credit rating, and in 26 percent of cases, a successful attack prompted an increase in insurance premiums.

“Customers can’t rely on protecting themselves anymore given the volume and complexity of modern DDoS attacks,” Eugene Vigovsky, head of Kaspersky DDoS protection, told MSPmentor. “In a DDoS attack, people are fighting with people in real-time.”

Vigovsky added that he believes that companies must consider DDoS protection as “an integral part of their overall IT security policy.”

How to stop a DDoS attack

Managed service providers (MSPs) can help their customers stop DDoS attacks.

For example, AlgoSec, a network security policy management solutions company, offers three tips that MSPs can share with their customers to help them defend against DDoS attacks:

Maintain a clearly defined perimeter – Define parameters for trusted and untrusted networks; by doing so, a business can deploy security controls to prevent DDoS attacks.
Offer suggestions and recommendations – Show your customers that you’re a managed security services expert by offering suggestions and recommendations about services that they can use to bolster their security.
Take a multi-layered approach to security – Firewalls simply aren’t enough to protect a business against DDoS attacks; instead, a company can take a multi-layered approach to security to stop DDoS attacks.

Ultimately, teaching a customer about DDoS attacks, and their financial ramifications, could help an MSP boost its customer retention levels as well.

Share your thoughts about this story in the Comments section below, via Twitter @dkobialka or email me at dan.kobialka@penton.com.