• United States



#RSAC: Companies blame competitors for DDoS attacks

Feb 29, 20122 mins
CybercrimeData and Information SecurityNetwork Security

DDoS attacks are a competitive weapon of choice for slimy online businesses, according to IT directors who responded to a survey sponsored by Corero Network Security, seller of DDoS defense and Intrusion Prevention System (IPS) technology.

In the survey of 200 IT directors, conducted by Vanson Bourne, more than half said the attacks they experienced came from competitors. Nearly two-thirds (63 percent) said they’re seriously concerned about getting DDoSed and more than a third (38 percent) admitted being hit by at least one attack in the last year.

From the press release:

Contrary to the widespread belief that ideological and political motivation are the driving force behind DDoS attacks, more than half (52 percent) of the companies surveyed blames competitors looking to gain a business advantage. 

“Hactivists are a threat to anybody who touches on public policy, privacy around the internet and of late anybody in law enforcement, but the average business will never find itself in the sights of groups like Anonymous, whereas every business has competitors, “ said Richard Stiennon, chief research analyst at IT-Harvest.

Unfair business advantage was cited as the leading source of DDoSing reported by victim companies in each vertical surveyed: Financial services (62 percent), retail (47 percent) and manufacturing (46 percent). The research found that financial extortion, the threat of DDoS for ransom money, was the least frequent motive for DDoS attacks, with enterprises citing it 12 percent of the time.

“As businesses grow increasingly dependent on the Internet to reach customers and interact with partners and suppliers, so the attackers grow more sophisticated in their means of attack,” said Neil Roiter, director of research, Corero. “This research reveals that enterprises across verticals are justifiably concerned about being targeted by DDoS attacks, and they should be particularly wary of the new low and slow application layer attacks, which appear to be legitimate and fly under the radar.”

Some interesting responses, though hardly surprising, in my opinion. Whenever I talk to someone in business about the threats they worry about, they usually mention competitors doing this sort of thing. That’s especially true of people who run smaller businesses. The activities of Anonymous and the like are well known at this point, but I think business operators see it as something that has nothing to do with them.

This survey appears to validate that.