The modus operandi of DDoS attacks has changed in recent years with 40% of attacks becoming relatively small with less than 5Gbps, but occur more frequently.
According to the ‘North America and EMEA: The Continual Threat to Digital Brands for 2015’ report by Neustar, the changes in tactics by DDoS attackers are making business more vulnerable.
The repetitive attacks are targeted towards firms’ security and IT teams, and malware is installed to steal trade secrets or valuable data.
Attacks that are designed to take websites offline can be executed through hired hacker groups who offer the attack services for as little as €5.29 a month.
The survey revealed that 36% of executives discovered malware installed in their systems and 25% found that data or funds had been stolen.
Around 54% of attacks on financial services sectors were less than 5 Gbps in strength, but around 43% of all those attacks were leaving malware or viruses behind.
The survey found out that that nearly 50% of the companies surveyed suffered a DDoS attack in 2014 and early 2015 and, of that number, 54% were attacked at least six times.
It also highlighted that DDoS attacks are causing a sustained threat to businesses’ profitability and brand reputation as 4 out of every 10 attacks lasted for more than a day and 10% even lasted around a week.
In the EMEA region alone, 40% of companies lost more than €100,000 per hour of downtime due to an attack during peak hours.
The surveyed executives said that they had over six staff members dedicated to IT security and DDoS protection.
67% of attacked companies in the EMEA region are now using hybrid protection and 55% of businesses have decided to invest more in DDoS security than last year .
Neustar CSO Mark Tonnesen said:"The attacker sends enough SYN requests to a company’s system to consume server resources and stall legitimate traffic.
"It’s a kind of ‘low and slow’ DDoS attack — steady and problematic, though not tsunami-like."
DooS attack have posed huge threat to virtual currency as well, as cloud service provider Akamai pointed out that a hacker group, called DD4BC, which has been active since September 2014 is targeting banks, media groups and retailers.
The group asks bounties of 50 bitcoins or more and failure to do so leads to DooS attack on the victim’s server.
Akamai claims that around 141 of its customers have fallen prey to the gang.