What would downtime actually cost your business?
It’s a simple question, but one that most businesses haven’t properly thought about, let alone
answered. But if your website went down right now, how much revenue would you lose per
hour? How many customers would lose trust? How many deals would stall?
This is the reality of a Denial of Service (DoS) or Distributed Denial of Service (DDoS)
attack. It isn’t just a quick technical issue; it becomes a major business problem.
ITIC’s 2024 Hourly Cost of Downtime Survey found that a single hour of downtime now costs
over $300,000 (£225,000) for more than 90% of mid-sized and large enterprises, with 41%
reporting hourly losses of $1 million to $5 million — the equivalent of $14,000 (£10,500) per
minute at the lower end of that range.
So when we talk about DoS or DDoS attacks, we are talking about cyber security, but also
about core business outcomes, such as revenue, reputation, and growth.
What is a Denial-of-Service Attack?
A DoS attack is about overwhelming your systems so real users cannot access them.
Think of Black Friday videos where hundreds of people gather to be the first to get
into a store and get a discounted “thing”. When the door opens, no one can get in because so many
people are surging on that door at once. Customers can’t get in and the sales team can’t sell. The
store is technically open, but it is not usable.
That is a DoS attack.
If you scale that up you get a DDoS attack. It’s the same thing but from thousands of sources at
once. These are usually a mesh of compromised computers, spread across the world, all of
which are sending traffic to your website at the same time.
It is a coordinated, distributed volume designed to break your availability.
Why do these attacks happen?
Not all DoS attacks are the same, and the motives behind them vary.
- Some are financially driven with attackers demanding payment to stop the attack.
- Some are competitive where a rival wants to disrupt your service at a key moment.
- Some are ideological where groups target businesses they disagree with.
- And some are simply opportunistic.
One of the more concerning trends under the spotlight from law enforcement agencies across
the world is the rise of DDoS-for-hire services on the dark web. These platforms make it cheap and easy for almost anyone to launch an attack with very little technical knowledge.
The business impact will have consequences far beyond the downtime
Website downtime is the obvious impact, with initial lost revenue, but that is only the start.
Reputation damage follows quickly, meaning further loss of revenue. Users expect reliability and if your service is unavailable, they will look elsewhere and they may not come back.
Beyond that, operational disruption comes into play, as internal teams often rely on the same
systems. When they go down, productivity will also drop across the business.
But there’s also potentially a bigger risk, as in some cases, a DDoS attack is used as a
distraction. While your team is focused on getting systems back online, attackers may be
attempting a more serious breach elsewhere in your environment.
The impact of website downtime isn’t just about the time offline; it ripples through operations
and carries financial consequences over a much longer period.
How to stop a DoS attack and build resilience
There is no single fix to permanently stop a DoS attack, but there are proven ways to reduce
your risk and improve your response.
Ensure you have the right infrastructure. This includes a Content Delivery Network (CDN) to
help absorb malicious traffic before it reaches your servers, acting as a buffer that can
significantly reduce the impact of an attack.
Monitor your web traffic. You need visibility into what normal looks like so you can quickly
spot abnormal spikes and take action.
Use rate limiting and filtering to control how much traffic your systems accept and from
where in the world.
Work with specialist DDoS protection services for access to tools and expertise that most
in-house teams simply do not have.
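To make the monitoring and rate-limiting points above concrete, here is an added example (not code from the original article). It learns a rolling baseline of requests per minute, flags abnormal spikes, and applies a per-client token-bucket limit. The function and class names, thresholds and sample data are all assumptions chosen for illustration.

```python
from collections import deque
from statistics import median


def find_spikes(per_minute, window=10, factor=3.0, floor=50):
    """Return indexes of minutes whose request count exceeds the rolling baseline.

    Baseline = median of the last `window` normal minutes. Flagged minutes are
    kept out of the baseline so a sustained flood does not become the new normal.
    """
    baseline = deque(maxlen=window)
    spikes = []
    for i, count in enumerate(per_minute):
        if len(baseline) == window:
            threshold = max(floor, factor * median(baseline))
            if count > threshold:
                spikes.append(i)
                continue  # do not learn from attack traffic
        baseline.append(count)
    return spikes


class TokenBucket:
    """Per-client rate limit: `rate` requests/second, bursts up to `burst`."""

    def __init__(self, rate, burst):
        self.rate, self.burst = rate, burst
        # client -> (tokens, last_seen). A real deployment must evict idle
        # entries, or this table itself becomes a memory-exhaustion target.
        self.state = {}

    def allow(self, client, now):
        tokens, last = self.state.get(client, (self.burst, now))
        tokens = min(self.burst, tokens + (now - last) * self.rate)
        allowed = tokens >= 1
        self.state[client] = (tokens - 1 if allowed else tokens, now)
        return allowed


# Constructed sample: requests per minute, with a flood starting at minute 12.
SAMPLE = [110, 95, 120, 105, 98, 130, 101, 115, 108, 99, 112, 104,
          900, 2400, 2600, 2500, 118, 107]

if __name__ == "__main__":
    print("spike minutes:", find_spikes(SAMPLE))
    bucket = TokenBucket(rate=2, burst=5)
    # 203.0.113.7 is a documentation address (RFC 5737), a constructed client.
    print([bucket.allow("203.0.113.7", now=0.0) for _ in range(8)])
```

In practice the per-minute counts would come from your CDN or web server logs, and the limit would be enforced at the edge rather than in application code.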
Why an incident response plan is non-negotiable
Even with the best defences, attacks can still happen, and that’s why you should have a robust
plan in place. An incident response plan gives your team instant clarity on who is
responsible for what, what steps need to be taken, and how decisions get made when things go
wrong.
One area often overlooked in response planning is customer communication.
You will need a pre-prepared communications plan for customers so that, if your
service goes down, you know how to communicate what is happening and when it will be
fixed. Clear communication helps protect trust even in a difficult situation.
This is where many businesses fall short, focusing on the technical response and forgetting
the customer experience.
Availability is not optional
In information security, there is a well-known model called the CIA Triad. It stands for
Confidentiality, Integrity, and Availability. A DoS attack is a direct assault on availability.
If your systems are not accessible, nothing else matters. It does not matter how secure your
data is if customers cannot reach your service.
That is why this topic deserves attention at the C-suite level, not just within IT.