Author: Dave Martin, Director of Product Marketing, NSFOCUS
Even if you have not yet been the victim of a DDoS attack it is helpful to examine the financial impact of a potential attack on your organization for the purposes of doing risk assessment or for calculating the payback period of a DDoS protection solution.
While determining some of the cost factors is relatively straightforward there are other indirect costs that are not as easily measured. The negative effects of these indirect costs are often not felt for weeks, months and in some cases years following the actual attack itself. Examples that are very real but frequently overlooked in cost calculations are theft of vital data, customer loss and damage to brand.
Theft of vital data: A worrisome trend in recent DDoS attacks is for threat actors to use the DDoS attack as a smokescreen or distraction to hide other malicious activity. The DDoS attack itself is only a means to an end. The real goal of the attack is to steal critical data. In this style of attack, the threat actor directs a DDoS attack to a certain portion of the network while launching specially crafted attacks at other targets. The goal is to compromise these other targets and either steal critical data during the DDoS attack or install a backdoor that will grant future access to the network and its resources. These attacks can be successful because IT staff are completely focused on mitigating the DDoS attack itself while other malicious activity goes unnoticed. There are many types of DDoS attacks that attempt to take servers off-line or crash applications while still leaving enough network bandwidth to compromise other targets. Additionally, if the victim does not have a dedicated DDoS protection system, they may attempt to loosen firewall or IDS/IPS security rules to keep these systems online. This creates further holes in perimeter security that can be exploited. The sheer volume of logs generated during a DDoS attack makes discovering other malicious activity extremely difficult even after the DDoS attack is thwarted. Vital data can include credit cards, passwords, intellectual property, trade secrets, medical information, private customer records and banking information.
Customer loss: The effects of a DDoS attack including disruption of service and theft of customer information can cause a loss of confidence in your customer base. These customers can decide to move their business to a competitor or use social media to vent their anger and frustration. Clearly none of these outcomes is desirable and unfortunately it may take some time to realize the full extent of any customer losses.
Damage to brand: Some companies spend a substantial portion of their operating budget to create and nurture their brand image through advertising, PR, direct-mail campaigns and other initiatives. Earning the trust and faith of customers and constituents often takes years of time, effort and money. Today’s DDoS attacks can damage your brand and ruin your reputation in a shockingly short amount of time.
As detailed in our latest white paper, “The Financial Impact of DDoS: An Economic Perspective”, indirect costs can quickly become the most expensive and damaging consequences of a DDoS attack and should be included in any comprehensive analysis of the financial impact of DDoS attacks.
Dave Martin brings to NSFOCUS more than 20 years of experience with IT security and networking technologies in a variety of engineering, product marketing, product management and business development roles. He currently serves as a Director of Product Marketing responsible for market positioning, go-to-market strategy and product release. Prior to joining NSFOCUS Mr. Martin has held executive and technical positions at companies including Edgewater Networks, Nokia, Ipsilon Networks and Newbridge Networks. Mr. Martin is a US Patent holder, a recognized security and networking expert and regular speaker at trade shows, partner conferences, insight panels, webinars and other industry events.