Study reveals internal web services are just as vunarable to DDoS

Research by Kaspersky Lab and B2B International shows that businesses don’t need to have external interfaces such as public websites, customer portals and transactional systems to be affected by a DDoS attack. Internal web services, operations and connectivity are just as vulnerable – manufacturing companies especially.

In 2015, one in six (16%) companies worldwide suffered a Distributed Denial of Service attack, with the attack rate rising to one in four (24%) for enterprises. For most, these attacks focused on external activities. Just under half of those affected said their public websites had been hit, while around a third said that customer portals and logins (38%) and communications services (37%) had been impacted. A quarter found that a DDoS attack had affected transactional systems.

However, some companies discovered that a DDoS attack had affected their internal web services. A quarter said that their file servers had been affected and 15 per cent said their operational systems had been hit. Another 15 per cent said a DDoS attack impacted overall ISP network connectivity.

In terms of the business sector, manufacturing was particularly susceptible to the internal impact of a DDoS attack, with a quarter saying their operational systems had been affected and over a third noticing an impact on file servers; while up to one in five telecoms, transportation, IT and government organisations noticed that their network connectivity had suffered.

“It’s important to take a DDoS attack seriously. It’s a relatively easy crime to perpetrate, but the effect on business continuity can be far-reaching. Our study found that alongside the well-publicised impact of an attack, such as website downtime, reputational damage and unhappy customers, DDoS hits can reach deep into a company’s internal systems.” said Evgeny Vigovsky, Head of Kaspersky DDoS Protection, Kaspersky Lab.

” It doesn’t matter how small the company is, or whether or not it has a website; if you’re online, you’re a potential target. Unprotected operational systems are just as vulnerable to a DDoS attack as the external website, and any disruption can stop a business in its tracks,”

Kaspersky DDoS Protection combines Kaspersky Lab’s extensive experience in combating cyber-threats with the company’s in-house software development expertise. The solution protects against all types of DDoS attacks, regardless of their complexity, power and duration. Unlike many competitor products, Kaspersky Lab’s solution protects any online service that could come under attack, including business applications, services, databases and more.

Further information about the solution is available here.