According to Kaspersky Lab’s study, arranging a DDoS attack using cloud services and a botnet of 1,000 desktop computers can cost cybercriminals as little as $7 in an hour. Meanwhile, the average cost of DDoS services on the black market is about $25 per hour. It means that cyber crooks can making a profit of around $18 per hour, while the business targeted by the DDoS attack can end up losing thousands, if not hundreds thousands of dollars.
Typically, DDoS attacks on government websites protected by dedicated anti-DDoS technologies are much more expensive, while the cost of an attack on an unprotected website may range from $50 to $100. On the other hand, an attack on a protected website costs more than $400. Cyber crooks are continiously searching for new and cheaper ways of organizing huge botnets, as well as developing new sophiscated DDoS attack scenarios to surpass existing security solutions. The operators of DDoS services usually offer their customers a convenient form of payment and detailed reports on the work done. Some of cybercriminals even have loyalty programs – the client can get a reward or bonus points for the new order.
One of the big factors affecting the cost of DDoS attacks is the source of malicious traffic. For example, an attack performed using a botnet made up of popular IoT devices is cheaper than using a botnet of servers.
As a rule, attacks on English-speaking resources are somewhat more expensive than for Russian-speaking ones. The cost of DDoS services varies from $5 for 30-seconds attack to $400 for 24 hours. As mentioned above, the average cost of a DDoS attack is approximately $25 per hour. The longest DDoS attack in 2016 lasted for 292 hours (12 days).
According to Kaspersky Lab’s research, cybercriminals who offer DDoS services often try to squeeze out the maximum, not only taking money from their customers, but also demanding a ransom from the victim in return for stopping the DDoS attack. Sometimes attackers do not even need to launch the DDoS attack itself – the mere threat is enough to receive a Bitcoin ransom payment.