Research by Kaspersky Lab and B2B International shows that businesses don’t need to have external interfaces such as public websites, customer portals and transactional systems to be hit by a DDoS attack: internal web services, operations and connectivity are just as vulnerable.
In 2015, one in six companies worldwide suffered a Distributed Denial of Service (DDoS) attack, rising to a quarter of enterprises. In the Kingdom of Saudi Arabia, 12% of enterprises have reportedly suffered an attack. For most, these attacks focused on external activities. Just under half of those affected said their public websites had been hit, while around a third said that customer portals and logins (38%) and communications services (37%) had been impacted. A quarter found that a DDoS attack had affected transactional systems.
However, some companies discovered that a DDoS attack had affected their internal web services. A quarter said their file servers had been affected and 15% said their operational systems had been hit. Another 15% said a DDoS attack impacted overall Internet Service Provider network connectivity.
In terms of business sector, manufacturing was particularly susceptible to the internal impact of a DDoS attack, with a quarter saying their operational systems had been affected and over a third noticing an impact on file servers; while up to one in five telecoms, transportation, IT and government organizations noticed that their network connectivity had suffered.
“It’s important to take a DDoS attack seriously. It’s a relatively easy crime to perpetrate but the effect on business continuity can be far-reaching. Our study found that alongside the well-publicized impact of an attack, such as website downtime, reputational damage and unhappy customers,DDoS hits can reach deep into a company’s internal systems. And it doesn’t matter how small the company is, or whether or not it has a website: if you’re online, you’re a potential target. Unprotected operational systems are just as vulnerable to a DDoS attack as the external website, and any disruption can stop a business in its tracks,” said Evgeny Vigovsky, Head of Kaspersky DDoS Protection, Kaspersky Lab.
Kaspersky DDoS Protection combines Kaspersky Lab’s extensive experience in combating cyber-threats with the company’s in-house software development expertise. The solution protects against all types of DDoS attacks, regardless of their complexity, power and duration. Unlike many similar products, Kaspersky Lab’s solution protects any online service that could come under attack, including business applications, services, databases and more. Further information about the solution is available here.