DDoS-attacks pose threat to Russian businesses

While the west may see Russia as a prime source of hacking, including DDoS attacks, the country's own buinesses are also suffering, as recent figures demonstrate.

Criminals get hold of 'Russian state malware'
Criminals get hold of 'Russian state malware'

Up to 17 percent of Russian companies were  hit by DDoS-attacks in 2015, according to a recent report by Russian Kaspersky Lab and the Russian Ministry of Communications, one of the state agencies responsible for the fight against cyber-attacks in Russia.

An official spokesman of Nikolai Nikiforov, Russia's Minister of Communications, told SC that in recent years, as is happening in the West, DDoS-attacks have been used to distract IT-services from simultaneous cyber-attacks on the corporate networks.

Among the major targets of DDoS-attacks in Russia are transport, logistics and financial institutions including the public websites of the companies, as well as their communication services.

Often such attacks are ordered by competitors with the aim to complicate operations of their rivals. One of the reasons for this significant increase is their low cost.

In an email to SC, Evgeny Vigovsky, head of Kaspersky DDoS Protection, Kaspersky Lab commented: "The problem is that today DDoS attacks can be set up cheaply and easily, from almost anyone, whether that be a competitor, a dismissed employee, socio-political protesters or just a lone wolf with a grudge. In fact, although the cost to businesses from this kind of attack is on average around £291,000, the simplest DDoS attack can be acquired for only £32.30 and ordered anonymously." And analysts at the Russian Ministry of Communications, say that prices go as low as £4 per hour.

At the same time DDoS-attacks have become more complicated, being sent to several network layers and elements of the infrastructure. DDoS attacks hackers are now actively using cloud providers, which allows them to quickly, and sometimes at no cost, obtain the necessary power for the attack.

Vigovsky adds: "Google's launch of Project Shield to protect against DDoS attacks highlights the capability for businesses to guard against such attacks, or risk financial loss, severe reputational damage, and possibly the loss of valuable customers.

"... we've noticed attacks have become persistent and sometimes against the same organisations. In fact, Kaspersky Lab found that in 2015, one in six (16 percent) companies worldwide suffered a DDoS attack, with the attack rate rising to one in four (24 percent) for enterprises.

"As a result, the volume of attacks has rapidly increased in recent years, so it's imperative that businesses find an effective way to safeguard themselves from such attacks in 2016. Companies can do this by partnering an internal specialist with an internet provider, to actively filter and weed out these types of crude attacks, and decrease the cost of customer protection, as well as reduce the risk of loss to the company."

According to predictions of Kaspersky Lab, by 2017 the global market solutions to prevent DDoS-attacks will reach £625 million, in value terms. At the same time, according to data of the US Center for Strategic and International Studies, the  damage to the global economy from such cyber crimes is significantly higher, being estimated it at £320 billion in 2014.

Vladimir Ulyanov, head of the analytical center Zecurion, one of Russia's leading IT analyst agencies, said that companies often are often interested in installation of DDoS protection, when the attack is already underway, which may be associated with huge losses of the companies.

According to Ulyanov, both Russian and the EU companies have shown an increasing interest in hedging of risk associated with cyber-crimes and this is forecast to continue to grow over the next several years.