In a SYN Flood attack, for example, the invader sends enough SYN requests to a company's system to consume server resources and stall legitimate traffic. The attacker disrupts operations, distracts the website and security teams, and makes sure the targeted network is still accessible. This allows the intruder to plant malware or a virus, setting the stage for data theft and funds siphoning.

Here are seven scary trends discussed in the report:

1. Attackers infiltrate with purpose, use DDoS as a weapon of distraction

Fifty percent of companies on both sides of the Atlantic Ocean reported some form of theft as a result of DDoS attacks, including personal customer data, intellectual property and financial larceny.

Hackers injected malware or viruses into systems belonging to 36% of companies. Forty percent of attacks were under five gigabits per second (Gbps). Even attacks of less than one Gbps can disrupt operations and smokescreen a bigger threat such as the installation of malware.

2. Slow and steady attacks have lasting repercussions

Rather than try to overwhelm networks, attackers often use a "slow and low" strategy, deploying smaller attacks to disrupt and distract, install malware, steal data or funds, and tarnish the brand.

This lets attackers harass a target and set the stage for exfiltration. A so-called smaller attack can be more dangerous than a huge one that knocks an organization offline but may not result in a data breach.

3. Risks are growing

North American and EMEA businesses perceive DDoS as a grave danger – 44% say the threat is now bigger, while 45% say it's as large as it was the year before.

One in 10 companies surveyed risked an average of $1 million or more if their website was down for one hour during their peak revenue period. In North America, 35% would lose more than $100,000 per hour in a peak-time DDoS outage.

4. It's not if or when, but how frequently

Fifty percent of companies suffered a DDoS attack and 80% of those faced the cyber assaults more than once. An attacked organization's chances of experiencing a breach are more than 70%.

DDoS attacks are typically not isolated incidents. Hackers target the majority of victimized companies multiple times.

5. When caught by surprise, brands lose credibility

In the wake of online attacks, organizations must consider the risks to their digital reputation.

More than one third of organizations attacked learned of the hit from customers, partners or other third parties.

A recent report from Neustar and The Ponemon Institute revealed that 63% of consumers distrust brands that have suffered a data breach. Even one year after a breach, more than 50% of people still view the brand negatively.

6. Companies feel the sting in customer-facing areas

Once solely considered a security or IT problem, DDoS attacks now ripple through every part of a business. The top three areas affected are: Customer support (41%), brand damage (35%), marketing/online promotional spending (25%).

"DDoS attacks don't just ruin the IT department's day," the report stated "They affect the call center, customer service, sales and your brand. When attacks reoccur, the business impact adds up."

7. Companies realize the threat is valid

As they face more frequent attacks, 54% of companies are investing more in DDoS protection than they were one year ago. More than 50% of companies assign six or more people to mitigate attacks.

DDoS-specific defenses are on the rise in North America & EMEA, as noted in the results below:

• DDoS mitigation service: 34% (up from 14% the previous year)
• DDoS mitigation appliance: 24% (up from 15%)
• DDoS mitigation appliance and service (hybrid solution): 25% (up from 20%)