Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

4/20/2015
12:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

New findings from 2015 North America DDoS report

Survey shows heightened preparedness and adoption of hybrid technologies

April 20, 2015 – Sterling, Va - Neustar, Inc. (NYSE: NSR), a trusted, neutral provider of real-time information services and analytics, today announced findings from its 2015 United States Denial of Service (DDoS) Attacks & Impact Report.  The findings highlight an increase in the number and size of DDoS attacks, their costly and devastating effects on brand perception, and a heightened state of preparedness for U.S. businesses.

 Key findings of the survey:

·         91 percent say DDoS attacks are a bigger or same threat as last year

·         85 percent of companies are attacked multiple times

·         32 percent of companies would lose more than $100k in revenue per hour of attack

·         26 percent report DDoS attacks adversely affect customer trust and brand reputation

·         31 percent say their longest attacks last more than one day

“With 51 percent of companies investing more of their annual budget to prevent DDoS attacks, this study proves that DDoS has transcended to an institutional threat that is very real and recognized by all members of the C-suite,” said Margee Abrams, CISSP, director of security services at Neustar. “A website attack that was once considered to be an IT problem now reverberates and can cause significant brand damage that affects all organizational employees and its customers.” 

As a response to the pervasive DDoS attacks, companies have increased their adoption of Hybrid protection by 55 percent from last year.

 Hybrid, a highly recommended approach that allows companies to mitigate DDoS attacks by combining on-site hardware and cloud-based solutions, is also the defense of choice by 94 percent of companies who would lose more than $100k per hour during peak business times.

 “The increased hybrid adoption reflects the growing need for companies to have immediate, on-premises DDoS defense capabilities along with the capacity to surge defenses in response to larger attacks,” said Abrams. “Companies continue to rely on layered traditional perimeter defenses including firewalls, routers and switches as well as DDoS mitigation services.  But when revenues and brand reputation are at risk, deploying a hybrid solution offers the best of both worlds:  immediate on-premises protection with the capacity that only cloud providers can offer.” she added.

To conduct the study, Neustar surveyed 510 companies across a diverse range of industries including financial services, technology, retail, government & public sector, health care, energy & utility, telecommunications, e-commerce, Internet services and media.

 Joe Loveless, security solutions expert at Neustar, will present the report findings today at the 2015 West Coast Information Security and Broader Technology Growth Conference in San Francisco. Neustar will also have representatives available to discuss the results at the RSA Conference, held April 21-24, also in San Francisco. To learn more, RSA visitors are encouraged to visit the Neustar booth at number 2520.

About Neustar, Inc.
Neustar, Inc. (NYSE: NSR) is the first real-time provider of cloud-based information services and data analytics, enabling marketing and IT security professionals to promote and protect their businesses. With a commitment to privacy and neutrality, Neustar operates complex data registries and uses its expertise to deliver actionable, data-driven insights that help clients make high-value business decisions in real time, one customer interaction at a time. More information is available at www.neustar.biz.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
Edge-DRsplash-10-edge-articles
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
News
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer,  2/22/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-27132
PUBLISHED: 2021-02-27
SerComm AG Combo VD625 AGSOT_2.1.0 devices allow CRLF injection (for HTTP header injection) in the download function via the Content-Disposition header.
CVE-2021-25284
PUBLISHED: 2021-02-27
An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level.
CVE-2021-3144
PUBLISHED: 2021-02-27
In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)
CVE-2021-3148
PUBLISHED: 2021-02-27
An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py.
CVE-2021-3151
PUBLISHED: 2021-02-27
i-doit before 1.16.0 is affected by Stored Cross-Site Scripting (XSS) issues that could allow remote authenticated attackers to inject arbitrary web script or HTML via C__MONITORING__CONFIG__TITLE, SM2__C__MONITORING__CONFIG__TITLE, C__MONITORING__CONFIG__PATH, SM2__C__MONITORING__CONFIG__PATH, C__M...