SOURCE: Security Compass

October 04, 2016 09:30 ET

"State of DDoS Mitigation" Report Explores Scope of DDoS Security Risks

Surprising Percentage of Companies Unable to Mitigate an Attack

TORONTO, ON--(Marketwired - October 04, 2016) - DDoS Strike, a division of Security Compass, today released a report detailing results of planned and authorized Distributed Denial of Service (DDoS) attacks on targets in North America. The report, "State of DDoS Mitigation," found that, despite many having enterprise-grade DDoS mitigation technologies in place, a full 78% of the targets were unable to mitigate an attack.

"Year after year, DDoS attacks have grown bigger, more frequent, more sophisticated and more effective," said Sahba Kazerooni, vice president of DDoS Strike. "Our research shows that many companies are woefully unprepared to deal with these cyber risks."

DDoS Strike compiled "State of DDoS Mitigation" after conducting DDoS attacks against 21 targets from organizations that invited DDoS Strike to test their defenses. The targets included financial, technology, telecom and entertainment companies based in the United States and Canada. The report shares common vulnerabilities and failures in DDoS mitigation technology and processes.

Highlights of the research findings include:

Hackers are winning at service degradation and downtime: the primary goal of DDoS attackers is to cause some type of service degradation; 95% of the attacks in this study were successful

Despite having DDoS mitigation technologies, companies are still at risk: 78% of the targets were completely unable to mitigate the attack[1] even though many had deployed technology for that purpose

Technology alone is insufficient: 70% of targets needed non-technical improvements, namely people and process changes

Companies are more at risk for application layer attacks: while network layer attacks remain a significant threat, application layer attacks conducted on the targets were more successful and caused the longest downtime

"While problems were pervasive, the vast majority were fixable, and arose from misunderstandings about the nature of DDoS attacks and how to best use DDoS mitigation technology and techniques as part of a sound security strategy," Kazerooni continued. "With a proper application of technology, people and processes companies can greatly reduce the risk of cyber threats and mitigate attacks that occur."

To read the full report, visit State of DDoS Mitigation.

DDoS Strike helps companies mitigate their risk of Distributed Denial of Service attacks. Using a sequence of controlled and monitored simulated attacks, DDoS Strike battle tests applications and networks to identify weaknesses, helping companies benchmark their security systems in a safe and controlled environment. Working closely with customers, a team of DDoS Strike experts help develop mitigation strategies and practices that can withstand both established and newly developing types of attacks. As a business developed by Security Compass, DDoS Strike brings more than a decade of industry leading security expertise to the table.

[1] Of the 21 targets, two requested a retest for a total of 23 separate attacks. 18 of the 23 targets were unable to mitigate the attacks.

Twitter: @DDoSStrike

Contact Information