Majority of polled companies (26 percent) regard lost business opportunities - the loss of contracts or on-going operations that generate guaranteed income - as the most frightening consequence of a distributed denial-of-service (DDoS) attack, according to a survey by Kaspersky Lab and B2B International.
This is closely followed by reputational risks (23 percent) as negative customer or partner experiences can hinder future contracts or sales. Meanwhile, losing existing customers who could not access the anticipated service due to a DDoS attack was ranked the third worst consequence at 19 percent.
Technical issues however, are at the bottom of the pile of concerns. 17 percent of respondents identified a need to deploy back-up systems that would keep operations online as the most undesirable consequence, while 14 percent are more concerned about the costs of fighting the attack and restoring services.
Despite the apparent financial impact DDoS attacks have on companies, only 37 percent of the polled companies said that they have protection measures in place to counter these security attacks.
Kaspersky feels that this is an "unnecessary oversight" since the IT security market can offer reliable and easy-to-deploy security solutions that are able to prevent loss of access to online services caused by a DDoS attack.
For example, the Kaspersky DDoS Protection does not require the installation of heavy server solutions on the customer's infrastructure. Traffic filtration during an attack is handled in special cleaning centres according to the tailor-made rules defined for each customer and each attack.
Views on DDoS consequences depend on verticals and experience
According to a media statement by Kaspersky Lab, the views on the consequences of DDoS attacks vary according to the different industries.
For instance, industrial and telecommunications companies, as well as e-commerce and utilities and energy organisations, tend to rate reputational risks ahead of lost business opportunities. In the construction and engineering sector, there is more concern about the cost of setting up back-up systems.
"People who have not yet faced a particular threat often tend to underestimate it, while those who have already experienced it understand which consequences might be the most damaging for them. However, it makes little sense to wait until the worst happens before acting - this can cost companies a lot, and not only in financial terms. That is why it is important to evaluate all possible risks in advance and take appropriate measures to protect against DDoS attacks," said Evgeny Vigovsky, Head of Kaspersky DDoS Protection, Kaspersky Lab.
Sign up for CIO Asia eNewsletters.