Cyber economy continues to surge while DDoS attacks increase by 542% amid pandemic

The recently released Dark Web Price Index 2020 reveals the current average prices for a selection of cybercrime products and services available “on demand.” A basic targeted malware attack in Europe or the US costs $300, while a targeted distributed denial-of-service (DDoS) attack goes for as little as $10 per hour or $60 for 24 hours. The “salespeople” even offer volume discounts, making such attacks the go-to weapon for online extortion.

According to Nexusguard’s Q1 2020 Threat Report, in the first quarter this year, DDoS attacks increased by more than 278% compared to Q1 2019, and by more than 542% compared to the previous quarter.

According to Gartner research, the average cost of downtime for a small-to-midsize business is $5,600 per minute. The World Economic Forum’s Global Risks Report 2020 reveals that, in the United States, the chances of catching and prosecuting a cybercrime actor are almost nil (0.05%). At the same time, the impact on the targeted companies’ business is massive. IBM’s Cost of a Data Breach Report” pegs the average cost of a security breach at $3.92 million.

Suffering a DDoS attack could be inevitable, especially if the business operates in a high-risk industry. Regardless of the solutions you implement, your company should incorporate a DDoS response procedure into your official business continuity plan. According to Ponemon Institute research, firms that can respond to a security incident quickly and contain the damage can save 26% or more on the total costs of the event cleanup.

‘’One reason why DDoS attacks are so inexpensive is that more and more people that offer DDoS-for-hire services are leveraging the scale and bandwidth of public clouds. With remote work becoming the new standard and with emphasis on home internet connectivity at an all-time high, proper security measures to mitigate these attacks have never been more important,’’ says NordVPN Teams Chief Technology Officer Juta Gurinaviciute.

What is a DDoS attack?

Distributed denial of service (DDoS) attacks are a serious threat to modern network security. Their goal is to take down the target by either flooding traffic or triggering a crash. These attacks are often sourced from virtual machines in the cloud rather than from the attacker’s own machine, which is done to achieve anonymity and higher network bandwidth.

Typically, these types of attacks are run through botnets — networks of computer devices hijacked and infected by bots to carry out various scams and cyberattacks. A bot is a piece of malicious software that gets orders from another device or attacker. A computer becomes infected when a worm or virus installs the bot, or when the user visits a malicious website that exploits a vulnerability in the browser.

‘’These days, because of the COVID-19 pandemic, organizations around the globe are embracing remote work at unprecedented rates. This has made online services of all kinds — from governments to banks and e-commerce to e-learning — more vulnerable to criminals, and DDoS attacks more alluring as a means of extortion. Such attacks don’t cost much and can produce excellent returns. When online connections are stopped or significantly slowed for even a few hours, employees’ work is disrupted, and customers can’t buy anything, which all leads to damaged revenues and public image of the organization,’’ says the NordVPN Teams expert.

How to protect company data

Without early threat detection and traffic profiling systems, it’s impossible to know a DDoS attack has occurred. In fact, you will only know about it when your website slows down or comes to a complete halt.

These attacks target data, applications, and infrastructure simultaneously to increase the chances of success. To fight them, an integrated security strategy protecting all infrastructure levels is necessary.

  • – Develop a Denial of Service response plan. Make sure your data centre is prepared, a checklist is in place, and your team is aware of their responsibilities.
  • – Secure your network infrastructure. This includes advanced intrusion prevention and threat management systems — which combine firewalls, VPN, anti-spam, content filtering — and load balancing. Together, they enable constant and consistent network protection against DDoS attacks.
  • – Make sure your systems are up to date. By regularly patching your infrastructure and installing new software versions, you can close more doors to attackers.
  • – Leverage the cloud. Cloud-based apps can curb harmful or malicious traffic before it ever reaches its intended destination. Such services are operated by software engineers whose job is to monitor the web for the latest DDoS tactics and attack vectors.
  • – Avoid public or unsecured Wi-Fi. If your remote team must log in to an account on a network you don’t trust, use a VPN to encrypt all communications. Even bank websites can be forged to be almost undetectable. So, if an attacker has administrative access to the network you’re using, a data breach may occur.

For more security news, click here.

Be sure to follow us on Twitter and LinkedIn.

About Security Buyer

Security Buyer is the leading authority in global security content, delivering expert news, in-depth articles, exclusive interviews, and industry insights across print, digital, and event platforms. Published 10 times a year, the magazine is a trusted resource for professionals seeking updates and analysis on the latest developments in the security sector.

To submit an article, or for sponsorship opportunities, please contact our team below.

Rebecca Spayne picture 2025

Rebecca Spayne

Managing
EDITOR

Georgina Turner image

Georgina Turner

Sales
Manager

Afua Akoto image - Security Buyer

Afua Akoto

Marketing Manager

Read the Latest Issue

Follow us on X

Follow us on X

Click Here

Follow us on LinkedIn

Follow us on LinkedIn

Click Here

Advertise here

Reach decision makers and amplify your marketing

Advertise here

Click Here

Related News

Copyright: Security Buyer

ASIS UK Launches “Security is You(th)” Hackathon

ASIS International UK has launched Security is You(th), an initiative designed to engage students and early-career professionals…
Image provided by Veeam

AI and Ransomware: Cutting Through the Hype

Rick Vanover, Vice President Product Strategy, Veeam discusses how It might be the great paradox: Artificial Intelligence (AI)….
Copyright: Security Buyer

AmiViz Partners with Titania

AmiViz announced a strategic distribution agreement with Titania. This collaboration underscores a shared commitment to enhancing…
Oil and Gas

Navigating Africa’s Oil & Gas Industry

A comprehensive analysis of security strategies in Africa’s oil and gas industry, covering physical, cyber, and remote surveillance measures.
blackhat

Black Hat Europe Starts Soon

Black Hat Europe starts Monday and now is the perfect time to start planning your experience. With a full lineup of Keynotes…

VIVOTEK’s All-in-One Software Boosts Operational Efficiency for Enterprises

As demand for high-efficiency security systems rises among large enterprises, the global leading…
Assa Abloy website

WTC Amsterdam enhances security and efficiency with digital access solution

The World Trade Center (WTC) Amsterdam, home to over 300 companies, has upgraded its building security with a streamlined, digital access solution from ASSA ABLOY.
John Maddison website

Fortinet launches Lacework FortiCNAPP to enhance cloud-native security

In an advancement in cybersecurity, Fortinet has announced Lacework FortiCNAPP, providing organisations with visibility and security.
GITEX Global 2024 website

GITEX GLOBAL 2024: AI revolution drives strategic tech innovation

GITEX GLOBAL 2024 concluded on Friday, showcasing artificial intelligence (AI) as a transformative force driving business and economic growth
Scroll to Top