Trump hacking claims look like red herring Police in Barcelona have arrested a man suspected of being one of the web’s top spammers and the possible operator of a major botnet.…
Read More:
Spanish cops snatch suspected top spammer as US moves against Kelihos botnet
Spanish police say he ran the Kelihos botnet, hacking information and installing malicious software.
See the original post:
Russian arrested in Spain ‘over mass hacking’
Spanish police say he ran the Kelihos botnet, hacking information and installing malicious software.
See the original post:
Russian arrested in Spain ‘over mass hacking’
It’s not a matter of if you’re going to be DDoS attacked, it’s a matter of when – many APAC organisations fail to understand the threat and quantify the risk – right-sizing and verifying the solution is a must. When an attack occurs, the mature organisation is prepared to effectively mitigate the attack – protecting themselves (and in turn their clients and partners) from unacceptable financial and reputational impact. Let us look at these three steps, understand, quantify and mitigate, in detail. 1.Understand the threat The threat imposed by DDoS attacks in APAC is more significant than global counterparts. A recent Neustar survey showed that 77 percent of organisations within APAC have been attacked at least once, compared to 73 percent globally. Organisations within the region are also getting attacked more frequently, with 83 percent of those attacked being attacked more than once, and 45 percent having been attacked more than six times. In addition, attack sizes are steadily growing. In 2015, the average attack size identified by Neustar was about 5GB per second. By September 2016, average attack sizes had reached up to 7GB per second – and this was prior to the Mirai driven – IoT fuelled attacks – like those on Krebs, OVH and Dyn. Given this, we should expect a considerable rise in the mean size of volumetric attacks during 2017. We’ve also seen a steady increase in the number of multi-vector attacks – which now equates to about 50 percent of all DDoS attacks. In a multi-vector attack – the criminals are potentially aiming to distract an organisation with the DDoS attack while they go after their main target. They use the DDoS attack to draw away the organisations defensive capacity while they plant ransomware, breach the network or steal valuable data. Within APAC, compared to the global average of 25 percent, network breaches associated with a multi-vector attack is sitting at 33 percent, according to Neustar’s own data. This begs the question, are APAC organisations deficient when it comes to perimeter protection? When dealing with an attack, speed is critical. But surprisingly, within APAC, on average almost half of all organisations take over three hours to detect an attack and an additional three hours to respond. This is significantly higher than the global average of 29 percent and 28 percent respectively. Worryingly, slow detection and response can lead to huge damages financially. Around half of all organisations stand to lose an average of $100,000 per hour of peak downtime during an attack. To exacerbate this, half the attacked organisations were notified of the attack by a third party, inflicting additional potential reputational damage. 2.Quantify the risk If a person goes to insure their car, they’re not going to over or underinsure it. That is, they’re not going to pay a premium associated with a higher value car – if the car gets written-off, they’re only going to get the value of the car, not the extra value associated with the premium. Alternatively, if they are underinsured, they’re not going to get back the full value of the car – they will need to pay an additional amount to replace the car. When looking at a DDoS environment, it is a similar scenario. An organisation will want to make sure it understands the level of risk and apply the right mitigation and the right cost to protect that risk. Paying the cost for a DDoS mitigation that exceeds their requirements is like over insuring the car – you are paying a premium for a service that does not match your level of risk/potential loss. Similarly, implementing a DDoS mitigation that does not cover the risk will likely lead to additional costs, resulting from greater organisational impact and additional emergency response activities. Risk management is critical – rightsizing is a must – organisations need to prepare and implement a sound mitigation plan. To understand the severity of the risk DDoS imposes, organisations must quantify both probability and impact – tangible and intangible – and know the risk appetite and technical environment of the organisation. Once this information is gathered and the severity of the risk is understood, there are three key critical elements of producing a good mitigation plan that must be enacted: detection, response and rehearsal. 3.Mitigate the attack Detection; Timely detection is critical – slow detection greatly increases potential financial and reputational loss, and allows the attackers valuable time to initiate other attack vectors. Fortunately, there are several technologies out there that can be used to monitor both the physical and cloud-based environment. For example, organisations can use Netflow monitoring on border routers to detect a volumetric attack, or provide this data to a third-party for analysis and detection. Organisations can also look at using appliances to conduct automatic detection and response, again managed internally or by a third-party. In a cloud environment, there are plenty of cloud monitoring tools out there that allow companies to identify degradation and performance, CPU utilisation and latency, giving them an indication of when an attack occurs. Response; There are many DDoS mitigation solutions available, allowing organisations to match the solution to their requirements. In selecting a mitigation solution, it is important to review a complete range of options, and align the selected solution to the organisation’s risk exposure and technology infrastructure. For example an organisation operating in the cloud with a moderate risk exposure, might opt for a cloud based solution, pay-on-occurrence model. While a financial services company, operating its own infrastructure and exposed to substantial financial and reputational risk, would look for a hybrid solution, providing the best time to mitigate, low latency and near immediate failover to cloud mitigation for large volumetric attacks. Rehearsing; Once a DDoS mitigation service is selected and implemented, the detection and mitigation plan must be document and verified through testing. The frequency of testing a mitigation plan should be dependent on the level of risk. If in a high-risk environment, a business might want to rehearse monthly or quarterly. In a lower-risk environment, the organisation might stretch it out to yearly or biannually. By understanding the threat, quantifying the risk to the organisation and implementing a right-sized mitigation solution organisations can effectively and efficiently mitigate the risk of DDoS attacks. A well implemented and tested plan will protect an organisation from both financial and reputational damage, discouraging attackers, leading the wolf from your door, leaving them hunting for a softer target. Source: http://www.cso.com.au/article/617417/identifying-three-steps-ddos-mitigation/
Read the original post:
Identifying the three steps of DDoS mitigation
It’s not a matter of if you’re going to be DDoS attacked, it’s a matter of when – many APAC organisations fail to understand the threat and quantify the risk – right-sizing and verifying the solution is a must. When an attack occurs, the mature organisation is prepared to effectively mitigate the attack – protecting themselves (and in turn their clients and partners) from unacceptable financial and reputational impact. Let us look at these three steps, understand, quantify and mitigate, in detail. 1.Understand the threat The threat imposed by DDoS attacks in APAC is more significant than global counterparts. A recent Neustar survey showed that 77 percent of organisations within APAC have been attacked at least once, compared to 73 percent globally. Organisations within the region are also getting attacked more frequently, with 83 percent of those attacked being attacked more than once, and 45 percent having been attacked more than six times. In addition, attack sizes are steadily growing. In 2015, the average attack size identified by Neustar was about 5GB per second. By September 2016, average attack sizes had reached up to 7GB per second – and this was prior to the Mirai driven – IoT fuelled attacks – like those on Krebs, OVH and Dyn. Given this, we should expect a considerable rise in the mean size of volumetric attacks during 2017. We’ve also seen a steady increase in the number of multi-vector attacks – which now equates to about 50 percent of all DDoS attacks. In a multi-vector attack – the criminals are potentially aiming to distract an organisation with the DDoS attack while they go after their main target. They use the DDoS attack to draw away the organisations defensive capacity while they plant ransomware, breach the network or steal valuable data. Within APAC, compared to the global average of 25 percent, network breaches associated with a multi-vector attack is sitting at 33 percent, according to Neustar’s own data. This begs the question, are APAC organisations deficient when it comes to perimeter protection? When dealing with an attack, speed is critical. But surprisingly, within APAC, on average almost half of all organisations take over three hours to detect an attack and an additional three hours to respond. This is significantly higher than the global average of 29 percent and 28 percent respectively. Worryingly, slow detection and response can lead to huge damages financially. Around half of all organisations stand to lose an average of $100,000 per hour of peak downtime during an attack. To exacerbate this, half the attacked organisations were notified of the attack by a third party, inflicting additional potential reputational damage. 2.Quantify the risk If a person goes to insure their car, they’re not going to over or underinsure it. That is, they’re not going to pay a premium associated with a higher value car – if the car gets written-off, they’re only going to get the value of the car, not the extra value associated with the premium. Alternatively, if they are underinsured, they’re not going to get back the full value of the car – they will need to pay an additional amount to replace the car. When looking at a DDoS environment, it is a similar scenario. An organisation will want to make sure it understands the level of risk and apply the right mitigation and the right cost to protect that risk. Paying the cost for a DDoS mitigation that exceeds their requirements is like over insuring the car – you are paying a premium for a service that does not match your level of risk/potential loss. Similarly, implementing a DDoS mitigation that does not cover the risk will likely lead to additional costs, resulting from greater organisational impact and additional emergency response activities. Risk management is critical – rightsizing is a must – organisations need to prepare and implement a sound mitigation plan. To understand the severity of the risk DDoS imposes, organisations must quantify both probability and impact – tangible and intangible – and know the risk appetite and technical environment of the organisation. Once this information is gathered and the severity of the risk is understood, there are three key critical elements of producing a good mitigation plan that must be enacted: detection, response and rehearsal. 3.Mitigate the attack Detection; Timely detection is critical – slow detection greatly increases potential financial and reputational loss, and allows the attackers valuable time to initiate other attack vectors. Fortunately, there are several technologies out there that can be used to monitor both the physical and cloud-based environment. For example, organisations can use Netflow monitoring on border routers to detect a volumetric attack, or provide this data to a third-party for analysis and detection. Organisations can also look at using appliances to conduct automatic detection and response, again managed internally or by a third-party. In a cloud environment, there are plenty of cloud monitoring tools out there that allow companies to identify degradation and performance, CPU utilisation and latency, giving them an indication of when an attack occurs. Response; There are many DDoS mitigation solutions available, allowing organisations to match the solution to their requirements. In selecting a mitigation solution, it is important to review a complete range of options, and align the selected solution to the organisation’s risk exposure and technology infrastructure. For example an organisation operating in the cloud with a moderate risk exposure, might opt for a cloud based solution, pay-on-occurrence model. While a financial services company, operating its own infrastructure and exposed to substantial financial and reputational risk, would look for a hybrid solution, providing the best time to mitigate, low latency and near immediate failover to cloud mitigation for large volumetric attacks. Rehearsing; Once a DDoS mitigation service is selected and implemented, the detection and mitigation plan must be document and verified through testing. The frequency of testing a mitigation plan should be dependent on the level of risk. If in a high-risk environment, a business might want to rehearse monthly or quarterly. In a lower-risk environment, the organisation might stretch it out to yearly or biannually. By understanding the threat, quantifying the risk to the organisation and implementing a right-sized mitigation solution organisations can effectively and efficiently mitigate the risk of DDoS attacks. A well implemented and tested plan will protect an organisation from both financial and reputational damage, discouraging attackers, leading the wolf from your door, leaving them hunting for a softer target. Source: http://www.cso.com.au/article/617417/identifying-three-steps-ddos-mitigation/
Read the original post:
Identifying the three steps of DDoS mitigation
In the videos below, McAfee Labs show the setup requirements for installing and deploying TinyNuke. They review the available features of TinyNuke through the control panel, deploy a bot a client machine, and perform attacks against a client.
See the original article here:
Video: TinyNuke botnet explained
Threats, risks and dangers related to cyber-security are changing. CIOs must respond with a well-defined strategy and the right mix of processes and tools. Over the past few years, digital technologies have rippled through the business world and unleashed unprecedented innovation and disruption. Yet today’s technology framework also has put businesses in the crosshairs and created new levels of risk. No longer are cyber-threats thwarted by clearly defined perimeters such as firewalls. No longer are malware and cyber-attacks blocked by traditional security tools designed to identify specific viruses and code. “It’s an entirely different landscape,” observes Oswin Deally, vice president of cyber-security at consulting firm Capgemini. To be sure, mobility, clouds, the internet of things (IoT) and the increasingly interconnected nature of business and IT systems have radically changed the stakes. There’s a growing need for security transformation. Yet, at the same time, attacks are becoming more insidious and sophisticated. Phishing, spear-phishing, whaling, ransomware, hacking, hacktivism and corporate espionage are now mainstream problems. Data breaches and DDoS attacks are a daily concern. “Cyber-security has moved from a compliance and regulatory topic to front-page headline news,” says Dan Logan, director of enterprise and security architecture for Tata Consultancy Services (TCS). No Space Is Safe The scope of today’s cyber-security challenge is mind-boggling. Gartner predicts that more than 8.4 billion IoT devices will be used in 2017, and the number will swell to more than 20 billion by 2020. Meanwhile, 74 percent of organizations now store some, if not all, sensitive data in the public cloud, according to a February 2017 Intel Security study. Not surprisingly, the stakes are growing, and achieving digital transformation while ensuring security is not a simple task. An October 2016 Ponemon Institute study found that the average cost of cyber-crime to a large organization in the United States rose to more than $17 million in 2016. An interconnected world with intertwined data means that threats can come from anywhere at any time. Business disruption, information loss, a diminished brand image and revenue, and damage to equipment are constant risks. Nevertheless, organizations are struggling to keep up. Ponemon points out that only 39 percent of companies deploy advanced backup and recovery operations, though it reduces the average cost of cyber-crime by nearly $2 million. Similarly, only 28 percent of companies have a formal information governance program, though this typically reduces the cost of cyber-crime by nearly $1 million. Capgemini’s Deally says that a starting point for dealing with today’s threat landscape is to recognize that there are two primary areas to focus on: business-driven events and threat-driven events. The former revolves around things like digital commerce, innovation, intellectual property, products and supply chains that present targets and create risks for the enterprise. The latter encompasses attack methods and vectors, including email, mobile devices, the IoT, and other systems and software. “It is becoming more and more of a borderless world where the devices that drive productivity also represent risk,” he points out. CIOs and other enterprise leaders must understand business and technology intersection points and how they introduce risks at various levels—from application security to APIs and network design to clouds. It’s also important to clearly understand business and data assets and identify priorities in terms of value, sensitivity and risk. Not all data is created equal and not all systems require equal protection. This approach, when layered over specific industry risks, begins to deliver some clarity about how and where to focus a cyber-security strategy and select the right protections and processes. o be sure, cyber-security must take a multilayered approach, and it must focus on defense-in-depth. One of today’s challenges is that intruders may gain entry to a network through a vulnerability or breach and worm their way through systems and files over a period of weeks, months or years. These advanced persistent threats (APTs) use multiple tools, technologies and methods to take intrusions to a deeper and more dangerous level. In some cases, the intruders may never make their presence known. They simply pull information—everything from employee or customer data to intellectual property—to perpetuate attacks that monetize their efforts. Secure Horizons CIOs and other enterprise leaders must ultimately focus on strategies that rely on multiple tools, technologies and methods to address the problem on several fronts. This may include everything from reviewing privileges and reexamining authentication methods to analyzing coding practices and reviewing the way encryption is used for data at rest and in transit. It could also address everything from vendor relationships to coding practices. For example, as organizations migrate to DevOps, it’s possible to use automated code scanning to detect vulnerabilities before software goes live. In addition, emerging cyber-security tools use artificial intelligence (AI), machine learning or deep learning, along with analytics, to detect unusual behavior and patterns. If an employee logs in at an unusual time from an unknown device or IP address, the system may require re-authentication. However, TCS’ Logan also stresses the urgency of employee education and training. Many of today’s breaches are caused by inattentive employees, sometimes even those in the C-suite, who click a link and infect a system with malware, including ransomware. In other cases, employees circumvent policies because they interfere with their work, or they turn to shadow IT and rogue applications to complete work easier or faster. “Ongoing employee education about phishing—and the use of anti-phishing campaigns that send test emails to users and then respond to clicks with just-in-time education—is an effective addition to employee security awareness efforts,” Logan says. Likewise, intelligence sharing services can help organizations identify new risks quickly. In the end, Logan says that a simple mnemonic is useful for security transformation: ARM. This translates to assess, remediate and monitor. Best-practice organizations embed cyber-security into the foundation of day-to-day IT operations. They have robust backup and recovery systems in place to guard against ransomware and other problems. They handle basic blocking and tackling but also examine how more advanced tools, technologies and practices can boost protection. To be sure, the road to security transformation is long and winding. “A world-class organization must excel at the basics of identity management, vulnerability management, configuration management, incident management, incident response, backup and recovery,” Logan explains. Capgemini’s Deally adds: “From a CIO’s perspective, it’s essential to look at what are you doing from a business perspective and build security protections from there. The most important question—and the one to work backward from in every case—is, ‘How can I best mitigate risk?’ Source: http://www.cioinsight.com/security/recognizing-the-new-face-of-cyber-security.html
Read More:
Recognizing the New Face of Cyber-Security
The cyber security industry has been urged to co-operate with government to protect UK critical national infrastructure from cyber attacks. UK security services have reportedly told nuclear power stations to bolster their cyber defences in the face of increased threats. Government officials have warned that terrorists, foreign spies and “hacktivists” are looking to exploit “vulnerabilities” in the nuclear industry’s internet defences, according to the Telegraph. UK energy minister Jesse Norman is quoted as saying that nuclear plants must make sure that they “remain resilient to evolving cyber threats”. However, he said the government is fully committed to defending the UK against cyber threats, and that the Civil Nuclear Cyber Securty Strategypublished in February 2017 sets out ways to ensure that the civil nuclear sector can defend against, recover from and remain resilient to evolving cyber threats. According to the strategy, the volume and complexity of cyber attacks against the UK are growing and the range of actors is widening. “The threat is becoming increasingly global and asymmetric. Both states and non-state actors can use easily-available cyber tools for destructive purposes,” the strategy states. The strategy sets out a voluntary roadmap to enable organisations in the civil nuclear sector to meet the increasing threat from cyber, and will support the development of cyber security capability of the sector, ensuring organisations will be able to comply with current and new regulation as well as being able to recover from compromises. However, for this to be achieved, the strategy said civil nuclear sector needs to work as a partnership between the government, regulator and industry, with clear roles and responsibilities which are understood and agreed. The strategy warns that the nuclear industry has to do more to protect itself, saying current mechanisms for sharing information in relation to vulnerabilities and how compromises have been addressed will need to be strengthened and enhanced to ensure good practice is shared, and continuous improvement can be made. In November 2016, veteran US investigative reporter Ted Koppel said a cyber attack on the US power grid is likely, but preparations for such an event are not up to scratch. “We are our own worst enemies,” he told Intel Security’s annual Focus conference in Las Vegas, saying that despite the risk of a cyber attack blackout, the US is unprepared for the consequences. Peter Carlisle, vice-president for Europe, Middle East and Africa at Thales e-Security believes cyber attacks against critical national infrastructure are set to increase dramatically as criminals develop “increasingly heinous methods” to jeopardise the UK’s national security. “From power stations to the transport network, the risk to the public remains severe, especially if hackers are able to gain access to electronic systems. “To tackle this, the security industry must stand shoulder to shoulder with the government to protect data and critical infrastructure from attack, and ensure hostile forces never have the opportunity to do us harm,” he said. Malcolm Murphy, technology director at network management firm Infoblox said attacks against IT networks are becoming increasingly common, and, if carried out against critical national infrastructure, can represent a significant threat to national security. “In addition to the damage caused to the networks themselves, a DDoS [distributed denial of service] attack on an organisation’s domain name system [DNS] can be used to prevent communication of and around the attacks, causing confusion and panic as seen in the attack on the Ukraine power grid in 2015,” he said. “The DNS is a mission-critical piece of network infrastructure used by all organisations without which networks cannot function. Often inadequately protected by traditional security solutions, it remains a vulnerable network component frequently used as an attack vector by cyber-criminals. “With botnets available for hire for relatively small sums of money online, DNS-based DDoS attacks are becoming increasingly easy for cyber criminals to carry out, and in their efforts to defend the country against the growing cyber threat, organisations responsible for the security of critical infrastructure should be making DNS protection a top priority,” he said. Most UK businesses have little visibility or control over their DNS servers and services, even though they are a key component of businesses’ infrastructure and security profile, a report published in March 2017 revealed. Only 8% of companies polled claim to have full visibility across all areas of DNS, including frequency of dropped requests, cache poisoning, latency and overall load on DNS infrastructure, rendering it impossible to ensure a consistent service to internal and external internet users. Source: http://www.computerweekly.com/news/450416097/UK-nuclear-stations-on-terror-alert-for-cyber-attacks
See the article here:
UK nuclear stations on terror alert for cyber attacks
Researchers have spotted a new Mirai variant in the wild that is better at launching application layer attacks; other researchers spotted a new Cerber ransomware variant that can evade machine learning. A new variant of the Mirai IoT malware was spotted in the wild when it launched a 54-hour DDoS attack against an unnamed U.S. college. While the attack occurred on February 28, Imperva Incapsula is informing the world about it today. The researchers believe it is a new variant of Mirai, one that is “more adept at launching application layer assaults.” The average traffic flow was 30,000 requests per second (RPS) and peaked at about 37,000 RPS, which the DDoS mitigation firm said was the most it has seen out of any Mirai botnet so far. “In total, the attack generated over 2.8 billion requests.” During the 54-hour DDoS attack on the college, researchers observed a pool of attacking devices normally associated with Mirai such as CCTV cameras, DVRs and routers. Attack traffic originated from 9,793 IPs worldwide, but 70% of the botnet traffic came from 10 countries. The U.S. topped the list by having 18.4 percent of the botnet IPs. Israel was next with 11.3 percent, followed by Taiwan with 10.8 percent. The remaining seven countries of the top 10 were India with 8.7 percent, Turkey with 6 percent, Russia with 3.8 percent, Italy and Mexico both with 3.2 percent, Colombia with 3 percent and Bulgaria with 2.2 percent of the botnet traffic. Other signature factors such as header order and header values also helped the researchers identify the attack as a Mirai-powered botnet, yet the DDoS bots hid behind different user-agents than the five hardcoded in the default Mirai version; it used 30 user-agent variants. Incapsula said, “This–and the size of the attack itself–led us to believe that we might be dealing with a new variant, which was modified to launch more elaborate application layer attacks.” Less than a day after the 54-hour hour attack on the college ended, another was launched which lasted for an hour and half; during the second attack, the average traffic flow was 15,000 RPS. 90% of application layer attacks last less than six hours, Incapsula said, so “an attack of this duration stands in a league of its own.” The researchers said they “expect to see several more bursts before the offender(s) finally give up on their efforts.” Cerber ransomware variant evades machine learning Elsewhere, Trend Micro also has bad news in the form of a new Cerber ransomware variant. Cerber has “adopted a new technique to make itself harder to detect: it is now using a new loader that appears to be designed to evade detection by machine learning solutions.” The newest Cerber variant is still being delivered via phishing emails, but those emails now include a link to Dropbox which downloads and self-extracts the payload. If the loader detects it is running in a virtual machine, in a sandbox, or if certain analysis tools or anti-virus are running, then the malware stops running. Cerber stops, Trend Micro said, if it detects any of the following are running: msconfig, sandboxes, regedit, Task Manager, virtual machines, Wireshark, or if security products from the vendors 360, AVG, Bitdefender, Dr. Web, Kaspersky, Norton or Trend Micro are running. Trend Micro explained: Self-extracting files and simple, straightforward files could pose a problem for static machine learning file detection. All self-extracting files may look similar by structure, regardless of the content. Unpacked binaries with limited features may not look malicious either. In other words, the way Cerber is packaged could be said to be designed to evade machine learning file detection. For every new malware detection technique, an equivalent evasion technique is created out of necessity. Source: http://www.computerworld.com/article/3186175/security/new-mirai-iot-variant-launched-54-hour-ddos-attack-against-a-us-college.html
Read the article:
New Mirai IoT variant launched 54-hour DDoS attack against a U.S. college
Cybercriminals organising DDoS attacks are making a profit of around $18 per hour, says Kaspersky. Do you know how much it costs to hire hackers for a DDoS attack? I’m asking for a friend. Anyway, Kaspersky Lab seems to know the answer as its researchers have spent some time looking into DDoS-as-a-service websites, and have come up with some numbers. As it turns out, it’s can be pretty cheap to have a website DDoSed, even though that could mean losses for the victim, in millions. It seems as hackers are undervaluing their services, yet again. In a press release, Kaspersky Lab said a DDoS attack can cost “anything from $5 for a 300-second attack, to $400 for 24 hours”. The average price for an attack is approximately $25 an hour. Using a cloud-based botnet of 1,000 desktops will set you back roughly $7 per hour. “That means the cybercriminals organising DDoS attacks are making a profit of around $18 per hour.” http://www.itproportal.com/news/a-ddos-attack-is-cheaper-than-a-pack-of-doughnuts/The definitive price is determined by a couple of factors. First, what type of devices are being used. An IoT-botnet is cheaper than a server-botnet. The type of site that needs to be attacked can also be a factor. Government sites, or those with dedicated DDoS protection, will be more expensive. “We expect the profitability of DDoS attacks to continue to grow. As a result, will see them increasingly used to extort, disrupt and mask other more intrusive attacks on businesses,” commented says Russ Madley, Head of B2B at Kaspersky Lab UK. “Worryingly, small and medium sized businesses are not confident in their knowledge of how to combat these threats effectively. The longest DDoS attack in 2016 lasted 292 hours according to Kaspersky Lab’s research, or about 12 days. Most online businesses can ill-afford to have their ‘doors closed’ for even an hour, let alone for 292 hours, as criminals take advantage of their poor defences. Companies that host these online sites are also under attack on a daily basis. The channel has a significant opportunity with our help to identify risks, provide strategic advice and deliver the right solutions to customers to prevent damaging DDoS attacks.” Source: http://www.itproportal.com/news/a-ddos-attack-is-cheaper-than-a-pack-of-doughnuts/
Original post:
A DDoS attack is cheaper than a pack of doughnuts