Research says a quarter of DDoS attacks claim unintended victims

According to Kaspersky Lab’s research, more than a quarter of businesses hit by a Distributed Denial of Service (DDoS) attack believe they weren’t the intended target.

The report highlights that businesses cannot afford to be complacent when it comes to today’s threat landscape, with 27% of survey respondents believing that being an innocent bystander was the most likely reason for DDoS attacks on their organisation, suggesting that all businesses are in the firing line, even when they are not on the hit list.

The continued threat of DDoS attacks and the value that they bring to those that deploy them – from halting company operations, through to accessing confidential information or demanding a ransom – means that all businesses are potential targets.


Despite this, firms are still showing signs of cyber-complacency, with 28% not using specialised anti-DDoS protection because they believe they are unlikely to be targeted by DDoS attacks.

However, this complacency is misplaced. Of the companies that experienced a security incident within the last 12 months, 44% blamed a DDoS attack as being a contributing factor to that incident – up from 25% in 2016.

This shows the impact of these types of attacks in today’s workplace and the need for organisations to proactively defend themselves against them.

It’s not just unintended attacks that firms must be ready to ward off at a moment’s notice. Nearly 23% of businesses believe a competitor was behind a DDoS attack on their organisation; 24% believed it was used as a distraction tactic to hide another attack from IT staff, and 24% believe that a DDoS attack was designed to specifically disrupt their operations.

Data protection

David Emm, principal security researcher at Kaspersky Lab, commented: “Businesses can’t afford to display an ‘it won’t happen to me mentality’ towards DDoS attacks, but a worryingly large proportion of organisations are still doing so – despite today’s heightened threat landscape.

“Given the number of attacks that companies have faced over the last year, businesses must take responsibility for their cybersecurity – no organisation is safe from DDoS attacks. There is no room for complacency when it comes to keeping operations running smoothly and critical data protected.”

With the financial consequences of DDoS attacks ranging from fighting against the attack itself, to a loss of revenue or business opportunities, it’s certainly better to be safe than sorry, says Kaspersky.

Written from press release by Leah Alger