What is the Cost of a DDoS Attack?

The cost will depend on several variables, such as the type of business you are in, the volume of your business that is online, the type of brand you are developing, the type of customers, as well as your competitors. There are even calculators that can help you come up with such number in advance, relying on your annual revenue, annual revenue through online sales and the frequency of attacks in a given industry. “Enterprises, hosting providers and cloud service providers are experiencing DDoS attacks on their data centers more frequently and with more severe business consequences than ever before,” according to recent Arbor Networks white paper. “Because the goal of an attacker is to create maximum disruption, attacks are more likely to occur at the worst possible times for your business.”

In their survey results, hourly cost of downtime per 1000 square feet (as in data center size) ranges from $8,500 to $201,000, with a mean of $46,000.

How One AI-Driven Media Platform Cut EBS Costs for AWS ASGs by 48%

How One AI-Driven Media Platform Cut EBS Costs for AWS ASGs by 48%
Bar graph showing survey results on significant operational threats.
In all security threats, DDoS attacks bring most damage (Image source: Arbor Networks)

The Performance

How is the DDoS attack done, in the first place? The attacker chooses one computer system and makes it the DDoS master. From the master system, he begins communicating with other computer systems that can, in result, be compromised and used, i.e. they now become controlled machines referred to as zombies or bots (sometimes there can be as many as hundreds of thousands of them). With a single instruction from the master system, the attacker can have all the controlled machines launch packets at the targeted host. This stream finally overwhelms the targeted machine, and the result is the denial-of-service, or a complete stop of all the site’s functions on the internet, so that no one can access it.

Crashing Results

In 2012, the revenue risk for a DDoS attack was estimated, for most cases, at less than £1,000 per hour. However, the impact could reach more than £100,000, with financial sector organizations, or telecoms firms, for example. To put it in a perspective, 37% of DDoS attacks reported in 2012, lasted for more than 24 hours, 24% lasted for more than three days, and 22% lasted for more than a week (see: Computer Weekly).

Another serious damage, besides the financial loss, happens along with the denial of service attack. Brand value is seriously eroded, operational costs can skyrocket, and you might have to invest in new people and technologies to manage the risk better in the future.

A high percentage of companies still do not have proper protection against DDoS attacks, i.e. they use only routers and switches and web application firewalls, and as many feel they won’t be targeted. Breaking news. DDoS attack tools are now more available than ever, free or at a low cost, to any individual who can now find an easy way through the network to disrupt a webpage. Most targeted are e-commerce services, and financial services, but also large businesses such as Amazon, or Yahoo! Not even PirateBay was spared of a DDoS attack in the recent past. in 2011, WordPress, the site thatserves 18 million publishers, and is responsible for 10% of all websites in the world, was down for several hours.

Changing Nature: Getting Bigger, but Shorter!

As we have discussed in our previous post on DDoS attacks, they are escalating in size, frequency and complexity. However, it seems, they are getting shorter, 86% now last less than one hour. At the same time, average bit per second size almost doubled, 46.5% of attacks are now over 1Gbps, which is a jump of 13.5% from 2012. Proportion of attacks in the 2-10 Gbps range more than doubled, even proportion of attacks over 10 Gbps increased by 41.6%. In the first half of 2013 we have seen more than double the total number of attacks over 20Gbps we saw in the whole of 2012, according to live ATLAS feed.

This is the active threat that continues with great speed and requires resourceful defense.

Mitigation

DDoS attacks cannot be fully avoided, nor can you fight them with a single method. The intensity of the packets launched at the site, however, can be lessened, and these methods are known as DDoS mitigation. The attack prevention also depends on the entire internet community and their keeping of machines up to date and using proper security tools.

There are general techniques, i.e. common preventive measures such as system protection, cleaning, installing security patches, firewall, IP hopping. Also, and more importantly, filtering techniques: filtering of incoming IP addresses, adapting restrictive mechanisms, reversing IP paths, filtering spoofed IP packets, controlling traffic… The combination of both can help successful mitigation, but none is a guarantee.

Read more:

Banner promoting GlobalDots services for protecting against DDoS attacks.

Latest Articles

Complying with AWS’s RI/SP Policy Update: Save More, Stress Less

Shared Reserved Instances (RIs) and Savings Plans (SPs) have been a common workaround for reducing EC2 costs, but their value has always been limited. On average, these shared pools deliver only 25% savings on On-Demand costs—far below the 60% savings achievable with automated reservation tools. For IT and DevOps teams, the trade-offs include added complexity, […]

Itay Tal Head of Cloud Services
5th December, 2024
The Future of Cybersecurity: Shlomo Kramer’s Bold Predictions for the SASE Era

What does the next decade of cybersecurity hold? Few can answer that better than Shlomo Kramer—co-founder of Check Point and Imperva, and founder & CEO of Cato Networks. In a candid conversation on the CloudNext podcast, Shlomo shared bold predictions and actionable strategies for navigating the challenges and opportunities ahead. From the rise of SASE […]

Ganesh The Awesome Senior Pre & Post-Sales Engineer at GlobalDots
4th December, 2024
Three Ways CISOs Can Combat Emerging Threats in 2025

73% of CISOs fear a material cyberattack in the next 12 months, with over three-quarters convinced AI is advancing too quickly for existing methods to combat it. But what can CISOs do to prepare for the coming wave – and access the resources they need to deal with this evolving threat landscape? To find out, […]

11th November, 2024
How Optimizing Kafka Can Save Costs of the Whole System

Kafka is no longer exclusively the domain of high-velocity Big Data use cases. Today, it is utilized on by workloads and companies of all sizes, supporting asynchronous communication between even small groups of microservices.  But this expanded usage has led to problems with cost creep that threaten many companies’ bottom lines. And due to the […]

Itay Tal Head of Cloud Services
29th September, 2024

Unlock Your Cloud Potential

Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.

    GlobalDots' industry expertise proactively addressed structural inefficiencies that would have otherwise hindered our success. Their laser focus is why I would recommend them as a partner to other companies

    Marco Kaiser
    Marco Kaiser

    CTO

    Legal Services

    GlobalDots has helped us to scale up our innovative capabilities, and in significantly improving our service provided to our clients

    Antonio Ostuni
    Antonio Ostuni

    CIO

    IT Services

    It's common for 3rd parties to work with a limited number of vendors - GlobalDots and its multi-vendor approach is different. Thanks to GlobalDots vendors umbrella, the hybrid-cloud migration was exceedingly smooth

    Motti Shpirer
    Motti Shpirer

    VP of Infrastructure & Technology

    Advertising Services