DDoS Survey: Majority of Hosting Providers Expect Increasing Danger of DDOS
Over 85% of hosting providers and data center operators in Europe expect they will be falling victim to DDoS attacks more frequently in the future. This is the result of a current survey by Link11, German DDoS protection specialist, on industry-wide experiences with denial of service attacks in the hosting sector. Two out of three ISPs see DDoS protection as a service as a growth market for their own product portfolios.
The DDoS risk for hosting providers and data center operators in Europe is high. This was the result of a survey of over 100 international professional attendees at this year’s WorldHostingDaysglobal at the end of March 2017. Half of companies in the industry were confronted by DDoS attacks in past months. 7 out of 10 of these (70.7%) attacked service providers and computing center operators registered up to 10 attacks in past months. The number of attacks was between 10 and 50 for 20% of those surveyed. One in eight providers (13.6%) experienced over 100 attacks within the past 12 months. Frequently, DDoS attackers focus not only on the hosting providers, but also on their customers. A significant 78.6% of respondents were aware of attacks against users of their hosting services.
“The results of our survey match what we’ve learned from the risk matrix published by the Internet Service Provider working group in the Alliance for Cyber Security: The likelihood of DDoS attacks is extremely high,” says Jens-Philipp Jung, Managing Director of Link11, with regard to the risk situation." (1) Link11 DDoS reports published on a quarterly basis show this as well, indicating over 30,000 DDoS attacks against targets in Germany in the past 12 months.”
DDoS blackmailing of hosts can pay off
Besides DDoS attacks that come seemingly out of the blue, DDoS blackmailers also make the risk situation worse. One out of 4 hosting providers and computing center operators (26.5%) were aware of demands for protection money. Five of the companies surveyed even stated they had transferred money to blackmailers. Based on their many years of experience, DDoS protection experts from Link11 estimated the average demand for protection money at 3 Bitcoins. This means the blackmailer or blackmailers likely received up to 15 Bitcoins. As of May 4th, 2017, this corresponds to almost 21,000 euros.
Confront increasing risk of DDoS with protection solutions
the vast majority of those surveyed from the hosting services and computing center operation areas, 85.2%, expect to see an increase in the DDoS risk for their company and their customers. They respond to the increase in danger of DDoS attacks with various strategies. Over a third of providers trust dedicated protection solutions like cloud scrubbing (13.7%) and hardware (22.9%). A full 29.2% of companies only use a firewall, and 13.5% use blackholing. 11.7% of hosting providers use a CDN to reduce peak loads during DDoS attacks.
DDoS protection as a service as a new business model for ISPs
Two out of three hosting providers surveyed (65.4%) believe there is currently potential for expanding their product portfolios on the DDoS protection market. They are the first contact partners for decisions related to IT security for many companies that use computing center services. Customers want to purchase their security solutions from a trusted business partners. Hosting providers and computing center operators want to focus on the new areas of need and address them with “DDoS protection as a service” appropriate for their customers. Numerous hosing providers in contact with Link11 are already taking this route, offering their customers a reliable way to protect their business operations against DDoS attacks.
About the survey: From March 27th to 30th, Link11 surveyed 100 international IT decision-makers and specialists about their experiences with DDoS attacks at the WorldHosingDaysglobal in Rust. Survey participants self-identified as part of the hosting and computing center operation industries.
(1) Allianz für Cybersicherheit (Alliance for Cybersecurity): Konsolidierte Gefährdungsmatrix mit Risikobewertung (Consolidated risk matrix with risk assessment) 2016, 03/20/2017