Organizations slow to detect damaging cyberattacks, study finds

Organizations slow to detect damaging cyberattacks, study finds
© Getty

Public and private organizations globally are getting slower at detecting and responding to distributed denial of service (DDoS) attacks as they become larger and more complex, new research shows. 

More than half of organizations surveyed in a global study released by information services firm Neustar on Tuesday reported taking three hours or more to detect a DDoS attack on their websites in the past year. Forty-eight percent said that they take at least three hours to respond to such an attack.

“That was significantly higher than it was last year,” Joe Loveless, director of Neustar Security Solutions, told The Hill. “We’re in a world where damage can occur in moments.” 


DDoS attacks occur when cyber criminals direct a tremendous amount of traffic to services connected to the internet to render them inaccessible. The attacks are a common way to take down websites and often use what are called “botnets” — an army of infected internet-connected devices — to direct traffic to the target. 

This type of threat attracted attention last October, when a DDoS attack against domain name service Dyn took down popular websites like Amazon, Netflix and Twitter. 

According to the new research, while the vast majority of organizations have invested in some type of DDoS protection, 4 in 10 said that their customers notified them of attacks taking down their websites, rather than detecting the attacks themselves. This represents an increase of more than 29 percent who said so the previous year.

Forty-three percent of those surveyed reported average revenue losses of a quarter million or more per hour from these types of attacks.

A public sector component broken out of the study and shared with The Hill also showed that, while DDoS attacks against public sector entities have declined slightly, threat actors are increasingly using DDoS in concert with other types of attacks.

For instance, 41 percent of the public sector entities surveyed said they experienced customer data theft at the same time as a DDoS attack, an increase of more than 30 percent from the previous year. 

Barrett Lyon, head of research and development at Neustar Security Solutions, said that the explosion of "internet of things" devices has made DDoS attacks easier to perpetrate. 

“You’re getting this exponential growth of machines that basically are perfect targets for these botnets. They’re being assembled as pretty powerful botnets,” Lyon said. “It’s the perfect petri dish for this kind of thing.”

Lyon said that he expects the threat to organizations from these attacks to continue to grow.

“It’s not going to get easier because as there’s more devices, there’s a bigger threat, which means you need a larger infrastructure to protect yourself,” Lyon said. “[Attackers] are getting more intelligent. The toolkits that are out there are better.”

Neustar worked with Harris Interactive to survey more than a thousand technology and security professionals from organizations around the world across multiple sectors, including financial services, technology, energy and government.