DDoS, Malware Attacks Cost Victims Thousands Of Dollars A Day

More than 80 percent of attacks against U.S. organizations come from U.S.-based IP addresses

Dark Reading Staff, Dark Reading

March 13, 2013

2 Min Read

New eye-popping data shows the cost of cyberattacks to victim organizations: They spend as much as $6,500 per hour to recover from DDoS attacks, and $3,000 a day for up to 30 days recovering from malware infections.

The high-dollar costs to victim organizations were "pretty staggering" but are based on real-world cases from managed security services provider Solutionary, says Rob Kraus, director of research in Solutionary's Security Engineering Research Team. "We had worked closely with companies, got them through the postmortem, and found out what the incident really cost them," Kraus says. Among the costs: hiring third party consultants and incident response teams, staffing up internally post-attack, and buying mitigation technologies, he says.

"These numbers are actually pretty conservative," Kraus says. Then there are the hidden costs of lost productivity and revenue, which were not calculated in this data, he says.

"The eye-opener was that you don't want to be looking for that type of money in the budget at the last minute, when your feet are literally in the fire," he says.

According to Solutionary's "2013 Global Threat Intelligence Report," published today, 54 percent of malware samples get past antivirus and endpoint security applications, and 44 percent of all phishing emails employ banking themes.

Speaking of the financial industry, 45 percent of malware attack attempts are aimed at financial customers, and 35 percent at retail customers -- mostly via phishing emails with malicious links or attachments.

And no surprise here: Java has usurped Adobe PDF as the most exploited application. Nearly 40 percent of all exploits seen by Solutionary are based on Java bugs. "It's such a big fat, juicy target," says Don Gray, chief security strategist at Solutionary.

Another interesting statistic: Eighty-three percent of attacks against U.S. organizations come from U.S.-based IP addresses. The next-closest location for attacking IPs is China, but with only 6 percent, according to Solutionary's findings. That doesn't mean a tiny percentage of attacks is coming from China overall, however, according to Gray.

"Ultimate attribution is difficult," he says of the actual location of the attackers controlling those IP addresses.

The massive percentage of U.S.-based attacking IPs also demonstrates the large number of bot-infected machines in the U.S. Around 23 percent of organizations attacked within the U.S. by U.S. IP addresses hit government agencies, the report says.

The full report is available here for download.

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights