The research amongst IT directors in 300 mid-to large-sized enterprises in the UK and US also found US companies were twice as likely as those in the UK to have experienced an attack: 38 per cent of US companies versus 18 per cent of UK companies.
The research, Conducted by VansonBourne, also revealed a much greater level of concern amongst US enterprises, reflecting the increased exposure of US companies to DDoS attack. Nearly two thirds of US IT directors said they are concerned about the threat of DDoS attack against just 29 per cent in the UK.
Retail companies in the UK are particularly worried with more than half reporting a high level of concern about DDoS attacks. This is far higher than the concern cited by financial organisations, manufacturing and other commercial sectors in the UK.
US companies across all verticals showed a heightened level of awareness and concern about attacks.
Political/ideological motivation was cited as the largest source of DDoS attack among UK companies reporting attacks, with a third blaming what is known as “hacktivism”. The different vertical markets in the UK also revealed a marked variation in the motivations behind attacks.
The retail sector in the UK considers financial extortion either for fraud or to extract ransom money to be the primary intention, whilst in the finance sector, political or ideological motives are the main reasons for the attacks.
In the US, however, a competitor seeking unfair business advantage was by far the leading motivation, as unscrupulous competitors were blamed for more than half of the DDoS attacks amongst the US companies that reported being victims. In contrast, only one in five victim companies in the UK said competitors were responsible
Whilst levels of concern about the risk of DDoS attacks varied significantly between UK and US respondents, three in five IT directors claimed to have technology in place to protect their organisations against attack. However more than half of companies surveyed were still concerned about potential attacks.
“The UK was more cautious in deploying web business assets therefore they have not been as exposed as their US counterparts. As they deploy web applications they tend to do so in a more cautious protected manner and because of this may be experiencing less disruptive DDoS attacks. As the sophistication of attacks rises their numbers will become more in line with the US,” said Richard Stiennon, chief research analyst at IT-Harvest.
“DDoS is a major, growing and evolving threat to global Internet commerce,” said Andrew Miller Chief Operating Officer at Corero Network Security plc in the UK. “High-profile ideologically motivated attacks by groups such as Anonymous have raised awareness of ‘hacktivist’-based DDoS attacks, but any enterprise may fall victim to unscrupulous competitors or cyber criminals.
“IT directors who believe they are protected against DDoS attack because they have traditional perimeter security technology, such as network firewalls, in place, may be lulled into a false sense of security. These companies should consider purpose-built DDoS defence technology to block attacks and maintain continual availability lest the business suffer significant loss.”