Leading IT decision-makers in the Kingdom have indicated that distributed denial-of-service (DDoS) attacks are fast becoming a main security risk in for Saudi businesses.
This was stated in a new survey released at a seminar in Riyadh on the cyber risks and business security in the Kingdom.
The survey, commissioned by global Application Delivery Networking leader F5 Networks, and conducted by Redshift Research, said: “84 percent agreed that DDoS attacks can have a strong adverse impact on business.”
The survey included 109 of these Saudi decision-makers, employed in companies with at least 500 employees said that 56 percent of respondents singled out data and revenue loss resulting of these attacks as the main concerns whereas 55 percent cited a related decline in productivity.
Commenting on the survey, Saudi expert Mamdoh Allam, Saudi Arabia country manager of F5 Networks, said: “DDoS attacks are a major problem in Saudi Arabia and they are only going to intensify as cyber criminals compete with each other to devise new ways of causing disruption,”
“DDoS attacks can affect businesses in many ways and attacks can cause damage running into many millions of dollars, permanently ruining a company’s reputation with everything from downtime to putting customer data at risk.”
Allam explained that while attackers have traditionally used personal computer networks to launch DDoS attacks, it has become increasingly common to hijack oblivious global networks of malware infected machines to coordinate large-scale attacks.
The survey also stated that 40 percent of the Saudi IT decision makers had endured a DDoS attack. 34 percent claimed normalcy after a few days, 36 percent after a week and 20 percent after a few weeks. Ten percent of those surveyed said it took up to a month to get back to business as usual.
Around 45 percent did put the estimated cost of recovery at between $3 to 5 million, 30 percent between $5 to 10 million, and 16 percent between $10 to $20 million, and 2 percent said the damage was as high as $20 to $30 million.
The survey also highlighted the need for greater industry-wide awareness. Allam stressed that the responsibility is now on businesses to place cyber security at the heart of their business strategies and do everything they can to gain a more comprehensive understanding of both cyber-attacker identity and their motivations.
In particular, Allam pointed to the potential of full-proxy firewalls that can handle hundreds of thousand connections per second, policy management solutions that curb unauthorized access without impacting on the end-user, and uptime-boosting application security and traffic manager solutions that combine to block malicious intrusions and re-route legitimate requests.