UK's communications sector most hit by DDoS
UK's communications sector most hit by DDoS

A quarter of UK companies have experienced a distributed denial-of-service (DDoS) attack, with telecoms and e-commerce the most targeted sectors.

According to research by Neustar, 22 per cent of the 381 UK businesses it surveyed had experienced a DDoS attack, of which, 53 per cent of telecoms, 50 per cent of internet/e-commerce and 43 per cent of retail were affected.

Talking to SC Magazine, Susan Warner, market manager for DNS services and DDoS solutions at Neustar, said that there is not a network that has not experienced a DDoS attack and asked what the cost could be if a site is down for a period of time.

She said: “Also consider the impact on IT, how many people are being consumed by a DDoS attack and what are they losing operationally? What we are seeing is a cost impact, but cost and risk management will feel the impact.”

The survey discovered that the IT team would be the hardest hit according to 69 per cent of respondents, while 57 per cent said customer service would feel the effect. In terms of how many people were required to mitigate an attack – 40 per cent said two to five people, 35 per cent said only one person, while 12 per cent said more than ten would be required.

The attack sizes being launched on UK businesses are not big; 40 per cent said that they are less than 100Mbps, while 30 per cent said that they are less than 1Gbps. However, 22 per cent can persist for over a week, although 63 per cent can last less than a day.

Warner said: “When you are being [attacked by a] DDoS constantly, there is an impact on the IT team. DDoS is not just taking down the website and interface, but also [affects] critical communications.”

Asked what companies use to defend against a DDoS attack, 72 per cent said a firewall, 40 per cent a router and 32 per cent switches. A third (34 per cent) has deployed specialist technology – 20 per cent a cloud-based DDoS service, nine per cent IP-based prevention and five per cent DDoS hardware.