Seven in ten global brands and organisations have suffered a distributed denial of service (DDoS) attack, according to a new report.

But it’s not just one attack organisations have to deal with. The survey of 1,000 IT pros by Neustar found that 82% of those that have been attacked were hit repeatedly, with 45% reporting they were attacked six or more times.

In the EMEA region, 47% of organisations have been struck more than five times.

Half of the organisations that reported suffering a DDoS attack said they lost at least $100,000 per hour in a peak-time outage.

A third said they lost more than $250,000 per hour, and it took 42% at least three hours before they even detected the attack.

While revenue loss caused by a DDoS-related outage is usually the main concern, 57% of all breached companies also reported some sort of theft, including intellectual property and customer data.

>See also: DDoS ransom notes: why paying up will get you nowhere

And following the initial breach, 45% of organisations reported the installation of a virus or malware – a sign that attackers are interested in causing ongoing harm.

Although DDoS attack tactics continue to evolve from single large attacks intended to take a website offline to multi-vector attacks, organisations are fighting back.

Three quarters of survey respondents said their organisation is investing more in DDoS protection than in 2014, and 47% of those whose organisations has been attacked are participating in security consortiums to share information.

With big money, customer trust and regulatory implications on the line, 79% of financial services organisations are investing more this year than last.

“The findings of our most recent report are clear: attacks are unrelenting around the world but organisations are now recognising DDoS attacks for what they are – an institutionalized weapon of cyber warfare – and so are protecting themselves,” said Rodney Joffe, head of IT security sesearch at Neustar.