In fact, Simple Service Discovery Protocol (SSDP) attacks are beginning to emerge as a potent vector for DDoS — driven increasingly by the internet of Things (IoT). The explosive growth in internet-connected smart devices is a particular concern as they have relatively high bandwidth, are rarely patched, and are on 24 hours a day. As such, they are the perfect entry point to exploit and leverage to amplify attack bandwidth.
Staggering risks to businesses worldwide
So what does all of this mean? Is it an impossible task to keep businesses ahead of attackers?
Service providers and their customers across the globe are under attack like never before. Denial of service can mean lost revenue — anything from $52,000 to $52 million — thanks to lost contracts, damage to stock price, a credit rating slump and increased insurance premiums. Global businesses rely on uptime to optimise business: According to Gartner, a single hour of downtime could cost an enterprise $300,000. Productivity losses can also damage businesses' bottom line, with IDC estimating that for Fortune 1000 companies, the average cost of a critical application failure is $500,000 to $1 million per hour, while average total cost of unplanned application downtime is $1.25 billion to $2.5 billion per year. Specialist insurer, Lloyds of London, has also estimated that cyber-attacks cost businesses as much as $400 billion a year, including the damage itself and subsequent disruption to the normal course of business.
Downtime, latency, lag and inaccessibility can also lead to customer churn and reputation damage which, in particularly competitive industries, can be fatal for business. In fact, according to the Ponemon Institute, when IT executives were asked what the greatest single cost to the business would be in the wake of a DDoS attack, 64 percent said reputation damage and the loss of customer trust would be the top loss.
When it comes to service providers, your customers increasingly expect you to be able to cope with any and all scenarios, from known to unknown threats. In order to meet this demand, savvy service providers must proactively invest in services that monitor and mitigate advanced DDoS attacks.
The good news is that the security business is booming, with new innovations and global expertise. Organizations across Asia and the Pacific will spend an estimated $22 billion on critical infrastructure by 2020, according to ABI. In the United States, the government has allocated some $14 billion specifically to cyber security in the 2016 government budget.
Best practice leaders are innovating cyber security with new advanced "fusion centre" approaches to better integrate teams, partners and experts, to address fraud, cyber-attacks and mitigation, viewing the attack arena in a new way that demands visibility across all attack surfaces and points of access and vulnerability. Today, with the right partner and business model, there are ways to provide the security services your customers expect, and tap a fast-growing market for DDoS mitigation that can actually enable business growth through performance improvements and uptime reliability. It is time to turn your security stance into a business performance advantage.
Sign up for Computerworld eNewsletters.