What is the Cost of a DDoS Attack?

4 Min read

The cost will depend on several variables, such as the type of business you are in, the volume of your business that is online, the type of brand you are developing, the type of customers, as well as your competitors. There are even calculators that can help you come up with such number in advance, relying on your annual revenue, annual revenue through online sales and the frequency of attacks in a given industry. “Enterprises, hosting providers and cloud service providers are experiencing DDoS attacks on their data centers more frequently and with more severe business consequences than ever before,” according to recent Arbor Networks white paper. “Because the goal of an attacker is to create maximum disruption, attacks are more likely to occur at the worst possible times for your business.”

In their survey results, hourly cost of downtime per 1000 square feet (as in data center size) ranges from $8,500 to $201,000, with a mean of $46,000.

Reduce your AWS costs by over 50%

Discover your Cloud Saving Potential – Answer just 5 simple questions. AppsFlyer, Playtika, Lufthansa, IBM, top leading companies are already using our FinOps services.

Reduce your AWS costs by over 50%

Image 1 – In all security threats, DDoS attacks bring most damage (Image source: Arbor Networks)

The Performance

How is the DDoS attack done, in the first place? The attacker chooses one computer system and makes it the DDoS master. From the master system, he begins communicating with other computer systems that can, in result, be compromised and used, i.e. they now become controlled machines referred to as zombies or bots (sometimes there can be as many as hundreds of thousands of them). With a single instruction from the master system, the attacker can have all the controlled machines launch packets at the targeted host. This stream finally overwhelms the targeted machine, and the result is the denial-of-service, or a complete stop of all the site’s functions on the internet, so that no one can access it.

Crashing Results

In 2012, the revenue risk for a DDoS attack was estimated, for most cases, at less than £1,000 per hour. However, the impact could reach more than £100,000, with financial sector organizations, or telecoms firms, for example. To put it in a perspective, 37% of DDoS attacks reported in 2012, lasted for more than 24 hours, 24% lasted for more than three days, and 22% lasted for more than a week (see: Computer Weekly).

Another serious damage, besides the financial loss, happens along with the denial of service attack. Brand value is seriously eroded, operational costs can skyrocket, and you might have to invest in new people and technologies to manage the risk better in the future.

A high percentage of companies still do not have proper protection against DDoS attacks, i.e. they use only routers and switches and web application firewalls, and as many feel they won’t be targeted. Breaking news. DDoS attack tools are now more available than ever, free or at a low cost, to any individual who can now find an easy way through the network to disrupt a webpage. Most targeted are e-commerce services, and financial services, but also large businesses such as Amazon, or Yahoo! Not even PirateBay was spared of a DDoS attack in the recent past. in 2011, WordPress, the site thatserves 18 million publishers, and is responsible for 10% of all websites in the world, was down for several hours.

Changing Nature: Getting Bigger, but Shorter!

As we have discussed in our previous post on DDoS attacks, they are escalating in size, frequency and complexity. However, it seems, they are getting shorter, 86% now last less than one hour. At the same time, average bit per second size almost doubled, 46.5% of attacks are now over 1Gbps, which is a jump of 13.5% from 2012. Proportion of attacks in the 2-10 Gbps range more than doubled, even proportion of attacks over 10 Gbps increased by 41.6%. In the first half of 2013 we have seen more than double the total number of attacks over 20Gbps we saw in the whole of 2012, according to live ATLAS feed.

This is the active threat that continues with great speed and requires resourceful defense.


DDoS attacks cannot be fully avoided, nor can you fight them with a single method. The intensity of the packets launched at the site, however, can be lessened, and these methods are known as DDoS mitigation. The attack prevention also depends on the entire internet community and their keeping of machines up to date and using proper security tools.

There are general techniques, i.e. common preventive measures such as system protection, cleaning, installing security patches, firewall, IP hopping. Also, and more importantly, filtering techniques: filtering of incoming IP addresses, adapting restrictive mechanisms, reversing IP paths, filtering spoofed IP packets, controlling traffic… The combination of both can help successful mitigation, but none is a guarantee.

Read more:

Latest Articles

Justt – IaC

Justt is a chargeback mitigation startup based in Tel Aviv. Chargebacks, as defined, are demands by a credit card provider for a retailer to reimburse losses on fraudulent or disputed transactions. Justt’s objective is to assist merchants worldwide in combating false chargebacks using its proprietary artificial intelligence technology.

22nd February, 2024
8 FinOps Best Practices for Cutting Cloud Costs

The cloud used to be viewed as a place of significant cost savings: rather than purchasing and maintaining dozens of server stacks, organizations could outsource this and purchase compute power on an as-needed basis. In the ensuing rush to cloud architecture, however, many companies simply lifted-and-shifted their old financial bad habits. The sheer speed of […]

22nd February, 2024
How FinOps Capabilities Can Unlock Your Cloud Cost Goals

Cloud computing has transformed more than individual app architectures: it’s granted both start-ups and market leaders an equal platform for innovation. New products are no longer dependent upon complex revenue-draining in-house server stacks. Instead, cloud-native disruptors such as Uber and Airbnb have been able to harness the once-unthinkable degrees of agility, scalability, and cost-efficiency that […]

24th January, 2024

Unlock Your Cloud Potential

Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.

Unlock Your Cloud Potential