The Economics of Cyber Attacks

In the late 1800s, a gentleman named Charles Duryea had an idea. While attending the Ohio state fair in 1886, Duryea saw a 4HP, single-cylinder gasoline motor that he thought was sufficient to power a horseless carriage. As accomplished bicycle makers, Charles and his brother, Frank, went to work and in 1893 they tested their new invention, the first American-made automobile. By 1896, they had produced 13 automobiles and America’s first commercially-produced vehicle.

Chances are you’ve never heard of the Duryeas (or didn’t remember them). It’s common to hear that people think Henry Ford built the first vehicle, but in fact, he didn’t start building cars until 1901, and the Ford Motor Company wasn’t incorporated until 1903. Around the same time, there were over two hundred other automobile manufacturers operating in the US.

Henry Ford didn’t invent the automobile, but he did change the world with it.

carBy perfecting his product, pricing it right, and perfecting its creation with an assembly line, Henry Ford sold over one million cars by 1920. With the availability of the right resources, as well as a great product and making it within reach for much of the population, Henry Ford became the success that we still know today.

I had the honor of telling that story at a SecureWorld conference held at the Ford Motor Company Conference Center in Dearborn, MI, a few weeks ago. It’s an interesting example because the right recipe yielded a great success. And it bred the success of many other great companies as well. It’s a lesson worth revisiting.

Cyber attacks reaching a tipping point

We have recently seen tremendous growth and change in the attack marketplace. Today, the people who attack our networks have access to unprecedented options and resources that cause harm to our organizations. Businesses exist whose sole purpose is to attack other networks for pay. We hear about this, but few of us actually get to see or understand what’s truly out there.

[You might also like: CHI-NOG 2016 Recap]

It’s absolutely fascinating. And it’s familiar. We have the right economic conditions, the right innovation by attackers, and more valuable assets on the network. It’s extremely inexpensive to generate very strong attacks. One example that I like to give is $6 for a 5-10Gbps DDoS that will last 10 minutes. It usually costs me more than that to mail a small package!

As with any business ecosystem, the ones who are successful are doing things differently. Maybe they do it more efficiently, or maybe they are stronger or faster or have the best customer service. Does this sound familiar? The competition to be the best does exist and today, users have their choice of very professional options in attack companies.

Let’s be clear that we’re not saying Henry Ford is comparable to today’s attackers. One is a great man who arguably changed the world and certainly changed the lives of his employees, customers, and vendors. The other is a criminal. But both have leveraged the right recipe at the right time to achieve unprecedented success.

The ease and proliferation of attack resources means that we have to be prepared to defend ourselves. Even if you aren’t ready now, every business should be at least considering what their plan would be if they are attacked. If you are already thinking about it, make sure to include defense automation in your criteria. The tools available today can easily change vectors and fingerprints, making manual responses challenging.

We explore these ideas in our current keynote talk, which we’re sharing at regional SecureWorld conferences, NANOG 68, Canadian ISP Summit, and many other upcoming events. I hope to see you at one of these soon. If you’re there, please come and say hello!


Download Radware’s DDoS Handbook to get expert advice, actionable tools and tips to help detect and stop DDoS attacks.

Download Now

Ron Winward

As a Security Evangelist at Radware, Mr. Winward is responsible for developing, managing, and increasing the company’s security business in North America. Ron’s entire career has been deeply rooted in internet and cybersecurity. For over 20 years, Ron has helped design complex solutions for carriers, enterprises, and cybersecurity providers around the world. Ron is an industry-recognized expert in the Mirai IoT botnet and its modern variants. Ron conducted the industry’s first complete analysis of the Mirai attack vectors, producing forensic examples for public distribution of each attack and the specific impact each attack had on networks. His work on IoT attack analysis has been presented at conferences worldwide and has been referenced by NIST. Prior to joining Radware, Ron was Director of Network Engineering for a global datacenter provider and ISP. In this role, Ron oversaw the growth and development of a global network infrastructure that delivered services to other ISPs, hosting providers, and enterprises around the world. During this time, Ron assisted some of the world’s top businesses in mitigating cyberattacks on their infrastructure, cultivating an extensive knowledge in DDoS attack methodologies. Ron holds a Bachelor of Science degree in Business and has earned many technical certifications throughout his engineering-focused career. Ron acutely understands the impact of technology and security on business and is enthusiastic about their interrelation.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program


An Online Encyclopedia Of Cyberattack and Cybersecurity Terms

What is WAF?
What is DDoS?
Bot Detection
ARP Spoofing

Get Social

Connect with experts and join the conversation about Radware technologies.

Security Research Center