What is the Cost of a DDoS Attack?

Admin Globaldots
image 4 Min read

The cost will depend on several variables, such as the type of business you are in, the volume of your business that is online, the type of brand you are developing, the type of customers, as well as your competitors. There are even calculators that can help you come up with such number in advance, relying on your annual revenue, annual revenue through online sales and the frequency of attacks in a given industry. “Enterprises, hosting providers and cloud service providers are experiencing DDoS attacks on their data centers more frequently and with more severe business consequences than ever before,” according to recent Arbor Networks white paper. “Because the goal of an attacker is to create maximum disruption, attacks are more likely to occur at the worst possible times for your business.”

In their survey results, hourly cost of downtime per 1000 square feet (as in data center size) ranges from $8,500 to $201,000, with a mean of $46,000.


Image 1 – In all security threats, DDoS attacks bring most damage (Image source: Arbor Networks)

The Performance

How is the DDoS attack done, in the first place? The attacker chooses one computer system and makes it the DDoS master. From the master system, he begins communicating with other computer systems that can, in result, be compromised and used, i.e. they now become controlled machines referred to as zombies or bots (sometimes there can be as many as hundreds of thousands of them). With a single instruction from the master system, the attacker can have all the controlled machines launch packets at the targeted host. This stream finally overwhelms the targeted machine, and the result is the denial-of-service, or a complete stop of all the site’s functions on the internet, so that no one can access it.

Crashing Results

In 2012, the revenue risk for a DDoS attack was estimated, for most cases, at less than £1,000 per hour. However, the impact could reach more than £100,000, with financial sector organizations, or telecoms firms, for example. To put it in a perspective, 37% of DDoS attacks reported in 2012, lasted for more than 24 hours, 24% lasted for more than three days, and 22% lasted for more than a week (see: Computer Weekly).

Another serious damage, besides the financial loss, happens along with the denial of service attack. Brand value is seriously eroded, operational costs can skyrocket, and you might have to invest in new people and technologies to manage the risk better in the future.

A high percentage of companies still do not have proper protection against DDoS attacks, i.e. they use only routers and switches and web application firewalls, and as many feel they won’t be targeted. Breaking news. DDoS attack tools are now more available than ever, free or at a low cost, to any individual who can now find an easy way through the network to disrupt a webpage. Most targeted are e-commerce services, and financial services, but also large businesses such as Amazon, or Yahoo! Not even PirateBay was spared of a DDoS attack in the recent past. in 2011, WordPress, the site thatserves 18 million publishers, and is responsible for 10% of all websites in the world, was down for several hours.

Changing Nature: Getting Bigger, but Shorter!

As we have discussed in our previous post on DDoS attacks, they are escalating in size, frequency and complexity. However, it seems, they are getting shorter, 86% now last less than one hour. At the same time, average bit per second size almost doubled, 46.5% of attacks are now over 1Gbps, which is a jump of 13.5% from 2012. Proportion of attacks in the 2-10 Gbps range more than doubled, even proportion of attacks over 10 Gbps increased by 41.6%. In the first half of 2013 we have seen more than double the total number of attacks over 20Gbps we saw in the whole of 2012, according to live ATLAS feed.

This is the active threat that continues with great speed and requires resourceful defense.


DDoS attacks cannot be fully avoided, nor can you fight them with a single method. The intensity of the packets launched at the site, however, can be lessened, and these methods are known as DDoS mitigation. The attack prevention also depends on the entire internet community and their keeping of machines up to date and using proper security tools.

There are general techniques, i.e. common preventive measures such as system protection, cleaning, installing security patches, firewall, IP hopping. Also, and more importantly, filtering techniques: filtering of incoming IP addresses, adapting restrictive mechanisms, reversing IP paths, filtering spoofed IP packets, controlling traffic… The combination of both can help successful mitigation, but none is a guarantee.

Read more:



There’s more to see

How Separating Data & Network Security Protects Your Supply Chain
Supply-Chain Data Protection
Dr. Eduardo Rocha, Senior Solutions Engineer & Security Analyst @ GlobalDots 09.05.22

Software supply chain security is an enormous concern for businesses today. According to a 2021 Argon cybersecurity report, software supply chain attacks increased threefold in 2021 compared to the previous year.  The constant race of companies to do things faster while delivering a better, richer user experience adds a multitude of vulnerabilities to the supply […]

Read more
SASE vs. SD-WAN: A Quick Guide
Miguel Fersen, Senior Cloud Consultant @ GlobalDots

New technologies have a wicked tendency to pile up. With cloud solution categories now emerging on a weekly basis, the result of bringing them into your estate is usually more complexity and confusion. But sometimes, a single new technology allows us to rid a bunch of old ones in a snap. SASE pretends to be […]

Read more
Old Dogs, New Tricks: Innovating with CDNs
Content Delivery Network (CDN)
Dror Arie, Senior Solutions Architect @ GlobalDots 20.04.22

Today’s digital businesses with global customers cannot afford slow page loads and applications caused by physical distance and latency issues. Page load speeds can have a significant effect on customer acquisition and retention. Walmart discovered that a 1% increase in page load time results in a 2% increase in conversion rates. So businesses are using […]

Read more
Unlock Your Cloud Potential
Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.
Contact us