Nearly 8 in 10 APAC firms with active IoT devices have been hit by cyberattacks

Nurdianah Md Nur

ddos attack button
Photo via Computerworld Australia

In Asia Pacific, connected devices remain a tempting target for distributed denial-of-service (DDoS) attacks.

Neustar's Global DDoS Attacks and Cybersecurity Insights Report revealed that 78 percent of organisations in the region that have active internet of things (IoT) devices were once victims of cyberattacks. Almost 3 in 10 (28 percent) of them suffered network comprises or damage to physical equipment.

As such, 39 percent of respondents are actively focused on finding ways to secure their IoT devices.

The report also found that it now only takes one attack to breach a firm's defences. More than half (51 percent) of companies in Asia Pacific discovered a virus following DDoS attacks. Meanwhile, 32 percent of them saw malware activation during DDoS attacks as part of multi-tactic assaults.

Globally, 52 percent of brands reported a virus while 35 percent reported malware associated with a DDOS attack.

According to Neustar, these findings suggest that cybercriminals are focused on taunting defences, probing network vulnerabilities and executing more targeted strikes, instead of making noise with a singular, large attack.

Cyberattacks were also found to not be contained to large companies. In Asia Pacific, mid-sized brands were hit the hardest, with 70 percent of them experiencing an attack. Globally, more than 50 percent of mid-sized organisations encountered an average of three breach incidents.

On average, DDoS attacks caused organisations globally US$4.3 million in revenue generation risk.

Understanding the situation, organisations globally continue to make DDoS protection a budget priority, with layered defences and web application firewalls (WAFs) listed as top investments.

Barrett Lyon, Vice President of Research and Development, Neustar Security Solutions believes that this is a step in the right direction. "Brands need to continuously diversify their security strategy for DDoS - it's no longer 'good enough' to accept a pre-packaged solution as the cornerstone of your security portfolio," he said.  

"Writing application code is difficult, but it is also fraught with security failings and attackers know this. Brands are making investments in layered protection, including the deployments of WAF solutions, to level the playing field and decrease the time cybercriminals will have to execute a successful attack," he added.