Beyond the Data Breach: Examining Denial of Service AttacksDan Draper, May 25, 2016
When we think about data center security today, we tend to think about Target, Sony, Home Depot and other high-profile data breaches that compromised everything from private customer information to Hollywood studio strategies and secrets. These types of security failures have been increasingly common and well chronicled in recent years.
But there are other types of cyberattacks, interested less in acquiring sensitive information than simply triggering chaos. These attacks aim to shut down critical facilities, including data centers, crippling businesses and the customers who rely on them. Perhaps the most dangerous such attack happened just last year in the Ukraine. A group of sophisticated hackers took out a large swath of the country’s power grid, leaving more than 230,000 people without power at the onset of a frigid Ukrainian winter.
These Denial of Service (DoS) attacks can target data centers directly or any service or facility connected to the internet. If you or your kids tried to fire up a new game on the PlayStation last Christmas, only to find the online system unavailable, you were the victim – at least tangentially – of a DoS attack. Congratulations … You join a list that includes the BBC and Donald Trump.
Unfortunately, DoS attacks are becoming more and more common. That was one of the findings of a study we recently concluded in conjunction with the Ponemon Institute. The full Cost of Denial of Service report is available at www.VertivCo.com/Benchmarks. Some notable takeaways:
- The frequency of DoS attacks increased 59 percent between 2010 and 2015
- The average cost of a DoS attack increased 31 percent between 2010 and 2015
- Forty-nine percent of the 273 DoS attacks analyzed resulted in a partial or full shutdown of the data center.
- DoS attacks that cause a total outage result in an average cost of $610,300. DoS attacks that did not result in an outage have an average cost of $36,800
That last point is an important one, because there are steps you can take to mitigate the risk of a DoS attack-triggered outage. The study found that organizations that withstood DoS attacks without a data center outage are more likely to have characteristics such as a command and control governance structure, high data center redundancy, network intelligence tools, advance threat intelligence, and enterprise deployment of anti-DoS tools.
There is much more in the report – including findings on the cost of other forms of cybercrime, such as malicious insiders, malicious code, phishing and stolen devices.
As with any research study, the data gleaned from our survey group is informative but not all-inclusive. We would love to hear your experiences with DoS attacks or the preventive measures you’re taking to protect your network, your business and your customers.