How much does DDoS cost to build? Counting the cost of a DDoS attack



    A distributed denial of service attack, DDoS is a very popular tool for cybercriminals. The reasons why cybercriminals and ordinary internet hooligans use this tool are very different. This is harming the competitor, and stopping the operation of any security system or service with a ransom demand. There are cases when the groups that organized this type of attack demanded 5 bitcoins from the victims (more than $ 5,000 at the current rate).

    Moreover, DDoS now, in fact, has become a public tool. This type of attack is cheap enough (of course, it all depends on the scale), it can be quickly launched and stopped just as quickly. The other day it became known how many creators of various botnets take for conducting DDoS attacks.

    DDoS as a service


    The order of the attack is usually carried out on a regular site that looks almost like a corporate one. Kaspersky Lab specialists checked such resources, talking about this in detail . As a rule, there is no need for direct communication between the customer and the owner of the “DDoS service”. On a special resource, an attack of a certain power is paid with an indication of the target and that’s all. Then the service itself is already valid.



    There are English-language services, there are Russian-language ones. Resources of this type allow you to check your balance and plan the budget for the attack. In some cases, customers are even offered bonuses.



    Sometimes services show the number of registered users, the number of previously conducted attacks and the number of attacks that are carried out at a particular point in time. Everything is very professional.



    Well, how much does it cost?


    It all depends on customer requirements. In total, there are four main pricing factors.

    1. The purpose and its properties. Those who hold DDoS services (how strange this sounds, right?) Usually agree to attack any type of resource. Sometimes they ask for more money for certain purposes - this usually happens when the target resource has its own protection, more or less reliable.

    2. Characteristics of the source of the attack. The cheaper the botnet content, the cheaper will be the DDoS implemented with its help. For example, a botnet created from IoT devices can cost less than a botnet created using servers.

    3. The attack scenario. Attacks of different levels cost different money - everything is clear here.

    4. The cost of attack in different countries.The price of DDoS services in different countries can vary dramatically. It all depends on the target audience and its purchasing power.

    An example of pricing can be seen in the screenshot below.



    Here, DDoS lasting 300 seconds will cost the customer 5 euros. If the duration is 1800 seconds, then the price will increase to $ 60. Below is shown the pricing of some Russian-language service.



    In some cases, attackers use combined types of attacks in order to overcome the potential defense of a potential victim with a high degree of probability. “Hybrid” DDoS will cost the customer more than usual.

    Here are some more prices, also from the Russian-language service.



    By the way, some services refuse to attack government resources. The fact is that they are being watched by special services, therefore, both the customer and the contractor can be severely punished if they are found.



    As an example of pricing, you can take an attack using the "cloud" + DNS gain + SaaS gain



    If, for example, you take the cost of working with Amazon EC2 for calculations, then this is somewhere around $ 0.0065. A relatively weak attack may require 50 virtual servers. It will cost cybercriminals $ 0.325 per hour. It is also worth taking into account the additional costs (SIM cards for registering an account or credit card). As a result, the cost of entry-level DDoS attacks can be about $ 4.





    Work with 1000 workstations will cost about $ 7 per hour. Well, the customer’s watch DDoS attack of this level will cost $ 25. That is, cybercriminals earn about $ 18 (this is net profit) per hour of DDoS.

    In general, this is the average for the market. Now cybercriminals are constantly looking for ways to reduce the cost of DDoS. Basically, this issue is solved by creating a botnet from IoT devices that are poorly protected from hacking, so hacking hundreds of thousands of “smart” devices is not a problem. Probably, over time, DDoS will become cheaper, which means that there will be more attacks of this type. So it’s worthwhile to prepare in advance for such an attack, so that later it will not be excruciatingly painful.

    PS:If you want to provide protection from DDoS attacks in advance or your business has already faced a similar attack - even then we can help. If you order the Anti-DDoS Protection service and indicate the code word “habrddos2017” in a letter / online chat / phone , you will receive a 20% lifetime discount .

    PSS: For legal entities, additional benefits: financial and legal guarantees, high guaranteed SLA availability level of 99.95%, postpaid payment scheme and much more.

    Also popular now: