Distributed Denial of Service (DDoS) attacks are a competitive weapon of choice for unscrupulous online businesses, according to independent research conducted by Corero Network Security. The research conducted with IT directors in 200 mid- to large-sized enterprises in the United States found that unfair business practices trumped “hacktivism” as the reason cited for DDoS attacks.
Conducted by Vanson Bourne, the research poll showed nearly two-thirds (63%) of IT directors were highly concerned about the threat of a DDoS attack with more than a third (38%) of the companies hit by at least one attack in the last 12 months.
Contrary to the widespread belief that ideological and political motivation are the driving forces behind DDoS attacks, more than half (52%) of the companies surveyed that had been victims of a DDoS attack blamed “competitors looking to gain a business advantage.”
In contrast, ideology was blamed by enterprise IT directors surveyed for only 20% of the DDoS attacks.
“Hacktivists are a threat to anybody who touches on public policy, privacy around the internet and of late anybody in law enforcement, but the average business will never find itself in the sights of groups like Anonymous, whereas every business has competitors,” said Richard Stiennon, chief research analyst at IT-Harvest.
“These new low and slow application-layer attacks are ideal for competitors seeking to disrupt business activity,” Stiennon said.
Unfair business advantage was cited as the leading source of DDoS attacks reported by victim companies in each vertical surveyed: Financial Services (62%), Retail (47%) and Manufacturing (46%).
The research found that financial extortion, the threat of DDoS for ransom money, was the least frequent motive for DDoS attacks, with enterprises citing it 12% of the time.
“As businesses grow increasingly dependent on the Internet to reach customers and interact with partners and suppliers, so the attackers grow more sophisticated in their means of attack,” said Neil Roiter, director of research, Corero. “This research reveals that enterprises across verticals are justifiably concerned about being targeted by DDoS attacks, and they should be particularly wary of the new low and slow application-layer attacks, which appear to be legitimate and fly under the radar.”