Study shows a DDoS attack can cost an organization more than $2.5 million

Attacks continue to get more complex

Neustar has published findings from its fourth annual Worldwide DDoS Attacks and Cyber Insights Research Report. The report highlights some shocking statistics around the frequency and cost of attacks, plus measures being taken to counter them.

The study analyses the responses of more than one thousand CISOs, CSO, CTOs, security directors and managers. For the first time it also includes Q1 attack data and trends captured from Neustar’s DDoS Security Operations Center.

“Distributed Denial of Service attacks are the zeitgeist of today’s Internet,” said Barrett Lyon, pioneer of the DDoS defense industry and Head of Research and Development at Neustar Security Solutions.

“The question organisations must ask now is how they are prepared to manage these highly disruptive events. Are they prepared for the bad day where their customers call and ask why the website is down?”


Highlights from Neustar’s May 2017 Worldwide DDoS Attacks and Cyber Insights Research Report include:

DDoS Attack Trends

  • Volumetric attacks getting larger – 45 percent of DDoS attacks were more than 10 gigabits per second (Gbps); and, 15 percent of attacks were at least 50 Gbps, almost double the number reported last year.
  • Nowhere to hide – 849 out of 1,010 organizations were attacked with no particular industry spared, an increase of 15 percent since 2016. 727 – 86% of those attacked – were hit more than once.
  • Customers take on DDoS monitoring – 40 percent of respondents reported receiving attack alerts from customers, up from 29 percent in 2016.

Business Implication Trends

  • It’s a game of risk – 43 percent of organizations report average revenue loss of at least $250,000 per hour, with 51 percent taking at least three hours to detect an attack and 40 percent taking at least three hours to respond.
  • It’s a race against crime, rise in Ransomware – The instances of ransomware reported in concert with DDoS attacks increased 53 percent since 2016. 51 percent of attacks involved some sort of loss or theft with a 38 percent increase year over year in customer data, financial and intellectual property thefts.
  • What’s in place is not enough – 99 percent of organizations have some sort of DDoS protection in place, yet 90 percent of organizations are investing more than they did a year ago and 36 percent think they should be investing even more.

The report was collated with data from 1,010 directors, managers, CISOs, CSOs, CTOs, and other c-suite executives to find out how DDoS attacks affect their organizations and what measures are in place to counter these threats. The respondents span many industries, including technology, financial services, retail, healthcare and energy. Nearly half of the organizations reported annual revenues from $500M to $1B per year.

Neustar recently announced it has tripled its global DDoS mitigation network capacity to 3 Tbps and will continue to significantly increase to 10 Tbps by early 2018. The construction, implementation and capacity of this new network is designed to stay ahead of the changing threat landscape and neutralize new and future volumetric DDoS attacks, as well as easily containing other types of DDoS attack vectors using proprietary DNS and IP intelligence data.

Download Neustar’s Worldwide DDoS Attacks and Cyber Insights Research Report and find out more about Neustar SiteProtect