Denial of Service attacks are an unfortunate reality everyone on the internet is faced with. And for whatever reason, it is a topic that victims are reluctant to discuss openly. So when it does occur many organizations are unfortunately under prepared.
When calculating the cost of a denial of service attack there are several factors that are easy to assign a monetary value to such as:
But there are many hidden costs from a DDoS attack that can have long lasting effects and are often overlooked…
The IT team will be the most obvious to suffer costs once the attack begins. An IT department can measure potential defensive success with a number of metrics – such as how quickly, effectively or accurately the attack was repelled and/or cleaned up. which typically reflect speed and/or accuracy.
For example:
An ongoing attack will simultaneously inflate the ticket queues with device warnings, user complaints, and related incident reports, while at the same time preempt IT personnel from their normal duties as they deal with the attack.
Once the attack has concluded IT cannot immediately resume business as normal, it may take days or even weeks for systems to return to pre-attack productivity. Every system only has a finite amount tolerance to disruption.
Once an attack exceeds this tolerance many systems won’t return to normal operation even after the attack has stopped without further intervention from IT. Furthermore even after normal operation are restored, the attack will have polluted systems with invalid traffic / requests – either invalid data will have to be groomed, deleted or ignored at a cost of manhours, opportunity or integrity.
After all systems have returned to normal operation the IT department still has tasks to complete. Following the attack a post mortem investigation should be conducted to ensure there were no secondary incidents like a data breach or a malware infection for which the attack was just a distraction.
Another outcome of the post mortem will be upgrades and changes to systems and processes from the lessons learned during the attack and subsequent clean up. These tasks can further occupy IT resources for months following the attack.
The common factor in all these negative outcomes is time. The longer an attack persists the greater the disruption to business, and more systems will exceed critical thresholds. And the longer systems are down, the longer the backlog of work needs to be caught up.
While DDoS attacks are certain, their outcome will depend on how prepared you are. When selecting DDoS protection response, time to resolution is key. Avoiding these negative outcomes requires always on / persistent protection with minimum mean time to mitigation.
You can learn more about the DDoS attack cost trap here on the Link11 blog shortly. If you need support until then, feel free to contact our experts at any time:
