IT heads are increasingly confident in their system’s reliance against DDoS attacks, following a sharp increase in spending on DDoS mitigation technology. However, that confidence may be misplaced: the same companies also reported a surge in successful DDoS attacks over the previous year.
Research, conducted by Sapio Research on behalf of CDNetworks, and examining at businesses in the UK, Germany, Austria and Switzerland, found that high-profile DDoS attacks, felling Twitter and CNN, had spurred investment in DDoS mitigation measures among many firms. Nearly half (49%) of the surveyed firms said they had invested in DDoS mitigation technology for the first time in the previous 24 months and nearly two-thirds (64%) said they were more likely to invest in the coming 12 months than in the previous year.
The fresh investment had fed confidence in businesses about their ability to repel even the most severe DDoS attacks. 83% described themselves as “confident” or “very confident” in their current DDoS mitigation setup. This is despite the prevalence of DDoS attacks: 86% of businesses reported having suffered an attack in the last year and the average business is attacked six times a year.
Despite new investment in security measures, DDoS attacks are still finding success. In the previous 12 months, more than half (54%) of examined businesses had suffered a DDoS attack that was able to take their website, network or app offline.
CDNetworks has suggested that the size and frequency of DDoS attacks are outpacing what even new technology is capable of repelling. CDNetworks’ monitoring data has shown that the largest detected attack in the first half of 2016 was nearly three times the size of the largest attack in 2015: 58.8Gbps versus 21Gbps. And that attack wasn’t a freak event: nearly a third (31%) of the attacks detected in the first half of 2016 exceeded 50Gbps while the year before none reached that size.
CDNetworks encouraged companies not to be complacent and to continue improving their security systems.
Chris Townsley, EMEA Director at CDNetworks, said: “We’re glad that DDoS is now seen as an issue that needs to be addressed. However, the size and number of DDoS attacks are also increasing every year, turning DDoS into an arms race. Businesses cannot afford to be complacent or regard DDoS mitigation as a one-off investment as the trend for larger attacks shows the cybercriminals are currently winning the arms race.”