Eighty-eight percent of U.S. businesses claim confidence in their current distributed denial of service mitigation, despite 69% having suffered a successful DDoS attack in the last 12 months.
The Research conducted by Sapio Research on behalf of CDNetworks surveyed 500 senior IT personnel in the US, UK, Germany, Austria and Switzerland, also found 88% of U.S. businesses believed new DDoS attacks to be likely or almost certain in the next 12 months.
The report revealed DDoS attacks are growing in both number and size, and their aftershocks are taking over headlines. "The Mirai botnet attack that targeted Dyn in October 2016, which caused major service providers including Twitter, Amazon and the BBC to be undermined, is a classic example of how cybercriminals take advantage of the remarkable increase in connected devices available for recruitment to an en masse attack." This, plus the overall growth in criminal sophistication, has led to a far greater danger of enterprises suffering a DDoS attack.
The self-assurance of U.S. companies stems from their high and growing DDoS investment, and their long track record in investment in DDoS mitigation. A denial-of-service attacker seeks to disrupt network resource. DDoS mitigation are tools or techniques for resisting DDoS attacks.
The report states, "Overconfidence is understandable if the victims of DDoS attacks are randomly selected – the cyber equivalent of being caught in the crossfire. But this excuse doesn't stack up." The results disclosed U.S. businesses believe malicious attacks by competitors are the most likely reason for an attack (32%), closely followed by blackmail (30%). "These clearly deliberate motivations make the IT teams' overconfidence and under-preparation even more striking."
Other results show U.S. businesses rank second in the proportion of successful attacks in the last 12 months, beaten only slightly by the UK (71%); and that they spend the most on DDoS mitigation – an average of $34,750 per year as compared to DACH (German, Austria, Switzerland) respondents who have spent $29,000 on average. More than one quarter (26%) of all U.S. respondents have invested more than $53,000 in DDoS mitigation technologies in the last 12 months.
"The results show that most U.S. companies are mindful of the alarming recent rise in DDoS attacks, and are increasing their investment in mitigation technology in response," Alex Nam, managing director, CDNetworks Americas said. "This has understandably led to a confidence in resilience. But when comparing alongside the frequency of DDoS attacks and the likelihood of their success, this confidence tips worryingly into complacency. While initial and prolonged investments are theoretically putting U.S. companies in a strong position to protect themselves against DDoS attacks, it seems businesses have not noticed they are losing the arms race against cybercriminals. Only with fundamental changes in mindset and more targeted investment can such confidence be earned."
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
Roy Urrico
Roy W. Urrico specializes in articles about financial technology and services for Credit Union Times, as well as ghostwriting, copywriting, and case studies. Also: writer/editor of a semi-annual newsletter for Association for Financial Technology since 1997 and history projects funded by the U.S Interior Department, National Park Service and Warren County (N.Y.).
