There are some things in life that you can only come to fully understand once they’ve happened to you. None of these things are ever good. The indescribable feeling of breaking a bone. The gut plummet of falling from a significant height. The paralyzing awkwardness of walking into an elevator to find yourself standing beside a date you ran out on while pretending to get another drink.
DDoS attacks often fit into this category. Even with as many horror stories as you hear it’s still hard to grasp just how bad an attack can be and what kind of impact it can have on a company until it’s happened. The following breakdown is about as close as you can come to getting it before you really, truly, unfortunately understand.
Downsides of downtime
DDoS attacks, or distributed denial of service attacks, have become a well-known source of strife for businesses of all sizes. With their botnet-created influxes of malicious traffic designed to overwhelm the target website or service, DDoS attacks start causing problems from the very first second that website or service goes down, and the repercussions can last for weeks, months and even years after the attack has ended.
The cost of a successful DDoS attack to the company it hits can be divided between the costs spent actively dealing with the attack, and the losses incurred because of the attack. That may seem like splitting hairs, but there has to be some way to make some sense of these astronomical costs.
Now the numbers
Depending on the size of the affected organization, the cost of just one hour of a DDoS attack can range between $20,000 and $100,000. Take those numbers and multiply them by the six plus hours attacks can last for and enterprise-level organizations could easily be looking at millions of dollars in DDoS-related costs.
The costs that go into those figures are associated with actually mitigating the attack and restoring the services affected. Whether this means onboarding a professional mitigation service, diverting all IT staff to mitigation and remediation efforts, purchasing an offline or backup system while services are down, repairing or replacing damaged hardware or software or any combination of the above, the expense can be immense and there isn’t much possibility of reducing or delaying it.
The unquantifiable costs
The other big contributor to the cost of distributed denial of service attack is the money lost because of the attack – revenue that would’ve come in if services were available, clients and customers that would’ve remained loyal if it weren’t for security concerns, and potential clients and customers that wouldn’t have turned to a competitor if the affected company’s reputation hadn’t taken a hit.
These losses are hard to definitively total up, meaning they don’t even factor into those six and seven figure totals quoted above. Not only are these unquantifiable losses significant, but these are the long-term consequences that can allow a DDoS attack’s shockwaves to still be felt months or even years down the line.
Ignorance is bliss
The best way to never fully understand just how bad some things can be is to never experience them. To try and avoid riding your child’s bike into a parked car while demonstrating how easy it is, snapping your collarbone in the process. To leave roofing to the roofers instead of tumbling over the eavestrough. Investing in professional DDoS mitigation before an attack begins is likely the only way to keep your company from truly grasping how bad these attacks can be, and at this point you probably have to agree that ignorance is bliss.