July is Independent Retailers Month, when we celebrate indie retailers and encourage folks to #ShopLocal and focus on creating more sustainable cities, towns and communities.
But unfortunately, hackers have already turned their attention to independent retailers, as well as many other businesses. The latest threat, warn cybersecurity experts, is Distributed Denial of Service (DDoS) threats
“A DDoS attack involves multiple connected online devices, collectively known as a botnet, which are used to overwhelm a target website with fake traffic,” according to a security analysis from Kinetic Business. “DDoS can also be used as a smokescreen for other malicious activities and to take down security appliances, breaching the target’s security perimeter.”
DDoS attacks threaten to bring down business websites and take their business offline for hours, days or even permanently. When this happens, businesses are not able to access online services, including ordering platforms if the affected business is selling online or point of sale operations in a brick and mortar store. This results in loss of revenue, negative customer experience and even loss of customers.
DDoS attacks were developed by hackers as a companion tool to ransomware, which seizes up a company’s IT until management pays to get it back. One big difference with DDoS is the ease with which bad actors can unleash it on their victims.
A Ransom Distributed Denial of Service (RDDoS) occurs when threat actors send emails informing their targets that they will unleash a threat of sustained DDoS attacks unless a ransom is paid. One important factor that distinguishes RDDoS from other attacks such as ransomware is that an actor does not need to have privileged access to any systems in order to perform the attack.
As TechRepublic reports, ransomware attackers are always in the market for new tactics to ensure their victims actually pay up. DDoS increases that leverage as small to mid-sized businesses (SMB) spend an average of $120,000 restoring service and managing operations during a DDoS attack while losing between $8,000 to $74,000 for every hour of downtime.
“The more stress that the criminals can inflict on their victims, the greater the odds that their demands will be met,” writes TechRepublic’s Lance Whitney. “A DDoS attack shows that the cybercriminal is serious. Plus, it adds another stressful factor that the targeted organization must handle. By combining file encryption, data theft and DDoS assaults, the attacker is looking to ramp up the pressure on the victim to force them to pay the ransom amount.”
Such attacks are growing at an alarming rate, increasing in size, frequency and duration, especially last year when everything from potato chips to slippers were being ordered online. Media outlets recently reported Kaspersky Lab findings that DDoS attacks doubled in 1Q-20 compared with 4Q-19, plus saw an 80 percent jump year-over-year in the same quarter. Average attack duration also increased in 1Q-20 by 24 percent over 1Q-19 and maximum attack duration more than doubled year over year.
One reason cyber criminals are targeting SMBs is the greater likelihood that small and mid-size independent businesses lack the personnel and resources to employ cutting edge cybersecurity. This has many business owners demanding more from their internet service providers in the way of onboard security features.
For example, Kinetic Business offers customers dedicated DDoS mitigation service, providing end-to-end monitoring, detection, validation and mitigation of DDoS threats, regardless of the number or scale of attacks, on any network. This in addition to Kinetic Internet Security, powered by McAfee Multi Access, which protects against other security threats such as viruses and malwares.
Such features, along with common-sense user tactics like secure passwords and multi-factor authentication, are part and parcel of an effective DDoS mitigation strategy, as recommended by online security watchdog groups.
“While there is no way to completely avoid becoming a target of a DDoS attack, there are proactive steps administrators can take to reduce the effects of an attack on their network,” reports the federal Cybersecurity and Infrastructure Security Agency, part of the federal Department of Homeland Security.
“Enroll in a DDoS protection service that detects abnormal traffic flows and redirects traffic away from your network. Create a disaster recovery plan to ensure successful and efficient communication, mitigation and recovery in the event of an attack. It is also important to take steps to strengthen the security posture of all of your internet-connected devices in order to prevent them from being compromised.”