Tag Archives: Distributed Denial of Service

“Faster response times needed to combat cyber threat” finds BCI survey

Two thirds of respondents to a global survey carried out by the Business Continuity Institute report that they had experienced at least one cyber incident during the previous twelve months, while 15% stated they had experienced at least ten incidents during the same period.

The frequency of these cyber incidents demonstrates exactly why it’s so important for organisations to have plans in place to mitigate them or otherwise lessen their impact.

The Cyber Resilience Report, conducted by the BCI and sponsored by Crises Control, found that there was a wide range of response times for cyber incidents. Almost a third of organisations (31%) stated that they responded within one hour. However, one fifth (19%) take a worrying four hours or more in responding to a cyber event, while almost half (44%) take more than two hours to respond. This has clear implications for the time taken to return to business as usual, and the ultimate cost of the incident to the host organisation.

Even if businesses wish to respond immediately to a cyber attack, the nature of the attack may render them unable to do so. The research finds that phishing and social engineering are the top causes of cyber disruption, with over 60% of companies reporting being hit by such an incident over the past 12 months and 37% attacked by way of spear phishing.

The BCI has discovered that 45% of companies were hit by a malware attack and 24% by a Distributed Denial of Service episode. All these forms of attack will, in different ways, render an organisation’s own network either contaminated or inoperable. Their website may have been taken down and they may well have to switch off their Internet connection until they can secure themselves from further attack.

A detailed study of 369 business continuity and resilience professionals from across the world, the research also reveals that the costs of these incidents varied greatly, with 73% reporting total costs over the year of less than €50,000, but 6% reporting annual costs of more than €500,000.

David James-Brown FBCI, chairman of the BCI, commented: “This piece of research is one of the most timely, insightful and relevant the BCI has ever produced. Cyber attacks tend to target the weakest links of an organisation. That calls for a greater awareness of cyber crime. As the cyber threat evolves, it’s crucial to stay on top of it, building long-term initiatives and regularly updating recovery plans.”

Rickie Sehgal, chairman of Crises Control, added: “Rapid communication with employees, customers and suppliers is vital for any company in terms of responding effectively to a major business disruption event such as a cyber attack. When your business is at risk, even a one-hour delay in responding to an incident can be too long. Taking more than two hours to respond, as almost half of companies appear to do, is simply unacceptable.”

Prolexic Report: ‘Distributed Denial of Service attacks on the increase’

Prolexic’s latest report on Distributed Denial of Service (DDoS) attacks has shown that, compared to this time last year, the number of attacks has increased by 22%. The report also shows that the average attack bandwidth has increased by 72%, while the average peak bandwidth has risen by 241%.

On the positive side, the report states that attack duration has decreased by 54% from an average of 38 hours to 17 hours. Attacks may last for a shorter period, but those attacks are now more frequent and more powerful.

A DDoS attack is an attempt to make a computer network unavailable to its intended users, normally by targeting it with so much data that the network slows down and becomes unresponsive. The largest reported DDoS attack to date targeted a client of CloudFlare, with the peak of this attack reaching 400 gigabits per second.

The DDoS Report by Prolexic has shown that, compared to this time last year, the number of attacks has increased by 22%

With the threat of cyber attack increasing – something identified in the Business Continuity Institute’s Horizon Scan report, which shows that 73% of business continuity professionals are either ‘concerned’ or ‘extremely concerned’ by this threat materialising – the technology to counter such attacks has also developed. This could explain why the length of attacks has decreased – as one attack fails, the attacker quickly moves on to an easier target.

Gaming, software and media worlds hit hard

While the length of the attacks has – on average – halved since last year, it’s still worth noting that 17 hours could result in a major outage for the organisation being attacked. If that organisation is reliant upon its network then the consequences may well be dire.

The Prolexic report also reveals the industries most targeted by these types of attack. The gaming industry was the main victim, accounting for nearly half (46%) of all attacks. The report suggests that “gaming attacks are frequently motivated by players trying to gain a competitive advantage, or by malicious actors seeking to steal personal data from players.”

The software and technology industry and the media and entertainment sector accounted for 22% and 15% of attacks respectively, while the financial sector accounts for 10% of all attacks.

The United States was the origin of most attacks, accounting for over 20%. Having not appeared on the list at all in the previous report, Japan wasn’t too far behind with 18% while China accounted for 12% of attacks and Germany 10%.
