Analysis: Why CIOs should fear DDoS

By Sooraj Shah
27 Jul 2012 View Comments

"It would be too simple to say that they are integrated, it is about bringing the elements together rather than saying there is an integrated group of components," he said.

Further reading

Roberts agreed with Kellett and suggested that in many cases, DDoS attacks are merely used as a testing phase.

"If a DDoS attack is successful in bringing down a company's systems then that network is also likely to be susceptible to other attacks such as a Trojan or a virus," he said.

His statement is supported by mobile operator Verizon's 2012 Data Breach Investigations Report, which found that most victims of data breaches (79 per cent) fell prey because they were found to possess an exploitable weakness rather than because they were pre-identified for attack.

The same report found that 85 per cent of breaches took weeks if not months to discover, as many third parties discover them as oppose to the business itself.

"If an organisation's security can be quietly breached and malware can be implemented – it can sit [inside the system] and can start to deliver data from the organisation that is beneficial in terms of the value the attacker can obtain, such as stealing intellectual property," Kellett said.

So the message for CIOs and CISOs is clear. Don't treat DDoS attacks simply as an inconvenience, they could mask something far more sinister.

Reader comments
blog comments powered by Disqus
Is it time to open Windows?

Computing believes that Microsoft will start offering Windows free of charge by 2017. Is this a good thing for the enterprise?

56 %
15 %
7 %
20 %
2 %