Around one in four IT, telecoms and financial services companies experienced a distributed denial of service (DDoS) attack in the last 12 months.
However, Kaspersky Lab findings claim that while just under half (47 per cent) of financial businesses accept that they are prime targets, IT and telecoms companies don’t think they are any more at risk than other sectors, which could be leaving them vulnerable.
The study found that, overall, a third of companies (36 per cent) believe they are likely targets for a DDoS attack, increasing only slightly for IT (40 per cent) and telecoms businesses (38 per cent).
One in six (16 per cent) of those surveyed has actually been hit, but this figure rises to one in four for companies in the IT (21 per cent), financial services (22 per cent), and telecoms (24 per cent) sectors.
“DDoS attacks have become one of the most popular weapons in the cybercriminal arsenal, used to extort money, disrupt operations or damage reputations, and also to distract attention from another cyber-attack being carried out at the same time,” adds Evgeny Vigovsky, Head of DDoS Protection, Kaspersky Lab.
“Nearly 75 per cent of businesses have said that DDoS attacks against their companies corresponded with other security incidents.”
Yet the study shows that many companies lack awareness of DDoS and are unsure how to stop them or limit their impact.
Only 52 per cent of companies feel well-informed about DDoS attacks and just 53 per cent know how to prevent or mitigate them, rising to 61 per cent of those in financial services and telecoms.
“As the recent DDoS attacks on telecoms companies and banks reveal, businesses in these sectors represent prime targets for DDoS attackers,” Vigovsky adds.
“In some cases, DDoS attacks are a smokescreen for cyber-theft or result in exorbitant ransom demands.
“That is why vulnerable sectors need to be extra-vigilant about security and be ready to deal with DDoS attacks. They need to build their understanding of the threat and choose the best protection against it.
“The days of DDoS attacks being an operational frustration that just resulted in some downtime are long over.”