Distributed Denial of Services (DDoS) attacks significantly increased in Q3, 2015 against small businesses, according to web performance and cloud security company Akamai. A study issued by Akamai stated that attacks against small organizations increase 180% over the previous year. The study also discovered that the attacks are shorter in duration and less powerful than attacks against large enterprises. This is possibly due to the use of “off the shelf” back market tools. Two distinct attacker groups have been identified as targeting small businesses. The study also identified that WordPress plug-ins are being increasingly attacked.
Consequences can be significant to victims of a successful DDOS attack. A victimized business may suffer lack of access to critical business information that impedes business operations, they may lose business opportunities, and they may suffer reputational damage. In a study conducted by Kaspersky Labs, the average cost to a small business was $52,000 for a DDoS attack.
Indications that a company is under a DDoS include:
• Slow page-load times
• Transaction failures
• Complete disruption of internet service
• Large volume of spam
• Significant number of customer inquiries from out of your normal customer area
What Your Business Can Do
• Install software or hardware that is designed to combat DDoS attempts by analyzing traffic or use a third party vendor.
• Talk with your web host vendor to understand how they will help you when you are attacked. Find out what the costs are if your web traffic increases significantly when attacked.
• Explore options on how you would move your website to another provider is necessary after an attack.
• Compartmentalize your customer access and data from your IT operational infrastructure so when you are attacked, everything is not at risk.
• Contact the FBI or local law enforcement. They may have intelligence on the attackers and help prevent future attacks.
• Make sure you have frequent full backups in case you have to start fresh on another hosting service.
Love reading about cybersecurity? Don’t miss one day of the NCI’s cybersecurity blogs!
Join us on Facebook and Twitter and receive them in your feed!