Analysis: Why CIOs should fear DDoS

By Sooraj Shah
27 Jul 2012 View Comments

"It would be too simple to say that they are integrated, it is about bringing the elements together rather than saying there is an integrated group of components," he said.

Further reading

Roberts agreed with Kellett and suggested that in many cases, DDoS attacks are merely used as a testing phase.

"If a DDoS attack is successful in bringing down a company's systems then that network is also likely to be susceptible to other attacks such as a Trojan or a virus," he said.

His statement is supported by mobile operator Verizon's 2012 Data Breach Investigations Report, which found that most victims of data breaches (79 per cent) fell prey because they were found to possess an exploitable weakness rather than because they were pre-identified for attack.

The same report found that 85 per cent of breaches took weeks if not months to discover, as many third parties discover them as oppose to the business itself.

"If an organisation's security can be quietly breached and malware can be implemented – it can sit [inside the system] and can start to deliver data from the organisation that is beneficial in terms of the value the attacker can obtain, such as stealing intellectual property," Kellett said.

So the message for CIOs and CISOs is clear. Don't treat DDoS attacks simply as an inconvenience, they could mask something far more sinister.

Reader comments
blog comments powered by Disqus
Windows 10 - will you upgrade?

Microsoft has made an early version of Windows 10 - its next operating system - available for download. The OS promises better integration and harmonisation across platforms, including mobile and desktop. Will your business be upgrading?

39 %
26 %
14 %
21 %