A single DDoS attack can cost a company more than $400,000

According to the results of a study conducted by Kaspersky Lab and B2B International, a DDoS attack on a company’s online resources might cause considerable losses – with average figures ranging from $52,000 to $444,000 depending on the size of the company. For many organisations these expenses have a serious impact on the balance sheet as well as harming the company’s reputation due to loss of access to online resources for partners and customers.

  • 9 years ago Posted in

The total cost reflects several problems. According to the study, 61 per cent of DDoS victims temporarily lost access to critical business information; 38 per cent of companies were unable to carry out their core business, and 33 per cent of respondents reported the loss of business opportunities and contracts. In addition, 29 per cent of successful DDoS incidents had a negative impact on the company’s credit rating, while in 26 per cent of cases it prompted an increase in insurance premiums.


The experts included the costs of remediating the consequences of an incident when calculating the average sum. For example, 65 per cent of companies consulted with IT security specialists, 49 per cent of firms paid to modify their IT infrastructure, 46 per cent of victims had to turn to their lawyers and 41 per cent turned to risk managers. These are only the most common expenses.


Information about DDoS attacks and subsequent disruption to the business often becomes public, adding to the risks. 72 per cent of victims disclosed information about a DDoS attack on their resources. Specifically, 43 per cent of respondents told their customers about an incident, 36 per cent reported to representatives of a regulatory authority, and 26 per cent spoke to the media. 38 per cent of companies suffered reputational loss as a result of a DDoS attack, and almost one in three of the affected organisations had to seek the assistance of corporate image consultants.


“A successful DDoS attack can damage business-critical services, leading to serious consequences for the company. For example, the recent attacks on Scandinavian banks (in particular, on the Finnish OP Pohjola Group) caused a few days of disruption to online services and also interrupted the processing of bank card transactions, a frequent problem in cases like this. That’s why companies must consider DDoS protection as an integral part of their overall IT security policy. It’s just as important as protecting against malware, targeted attacks, data leaks and the like,” said Eugene Vigovsky, Head of Kaspersky DDoS Protection, Kaspersky Lab.  

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Atos has launched Atos OneCloud Sovereign Shield, a set of solutions, methodologies, and...
New distribution agreement set to bolster Westcon-Comstor’s Zero Trust offering in more markets...
Research from Avast has found that employees in almost a third (31%) of Small and Medium...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53%...
Trend Micro has published new research revealing that 90% of IT decision makers claim their...
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real...