One in three organizations (31%) has suffered one or more Distributed Denial of Service (DDoS) attacks in the last 12 months, according to independent research commissioned by Corero Network Security.
The research amongst IT directors in 300 mid-to large-sized enterprises in the UK and US also found US companies were twice as likely as those in the UK to have experienced an attack: 38% of US companies versus 18% of UK companies.
The research also revealed a much greater level of concern amongst US enterprises, reflecting the increased exposure of US companies to DDoS attack. Nearly two thirds (63%) of US IT directors said they are concerned about the threat of DDoS attack against just 29% in the UK.
Retail companies in the UK are particularly worried with more than half (52%) reporting a high level of concern about DDoS attacks. This is far higher than the concern cited by financial organizations (28%), manufacturing (11%) and other commercial sectors (7%) in the UK.
US companies across all verticals showed a heightened level of awareness and concern about attacks.
Political/ideological motivation was cited as the largest source of DDoS attack among UK companies reporting attacks, with a third blaming what is known as “hacktivism”. The different vertical markets in the UK also revealed a marked variation in the motivations behind attacks. The retail sector in the UK considers financial extortion either for fraud or to extract ransom money to be the primary intention, whilst in the finance sector, political or ideological motives are the main reasons for the attacks.
In the US, however, a competitor seeking unfair business advantage was by far the leading motivation, as unscrupulous competitors were blamed for more than half (52%) of the DDoS attacks amongst the US companies that reported being victims. In contrast, only one in five victim companies in the UK said competitors were responsible.
Whilst levels of concern about the risk of DDoS attacks varied significantly between UK and US respondents, three in five (62%) IT directors claimed to have technology in place to protect their organizations against attack. However more than half (53%) of companies surveyed were still concerned about potential attacks.