DDoS attacks: a big problem for small business

Heard of distributed denial of service (DDoS) attacks? They’ve been considered a common threat for larger enterprise for a while, taking websites offline and paralysing e-commerce. Now there’s increasing evidence that DDoS attacks are targeting small businesses.

Spotting a DDoS attack is harder than you’d think

DDoS attacks attempt to crash websites by overwhelming them with fake requests and traffic from hundreds, or thousands, of sources. The network of multiple infected devices on different networks is known as a ‘botnet’.

As your website floods with requests, it might cause it to slow down or crash altogether. Successful DDoS attacks take websites offline – and that could mean lost revenue, breached data, and reputational damage to your business. The first signs of an attack are usually dismissed by unsuspecting small businesses. A slower website might not seem like anything to worry about.

Why DDoS attacks are focusing on small business

Don’t be fooled into thinking DDoS attackers aren’t interested in small business websites; they are. SMEs tend to have smaller IT budgets than big corporates. They often have few or no dedicated staff keeping an eye on cybersecurity. They may also have lax security practices – which could mean a slowing or offline website isn’t spotted immediately.

Many small businesses are part of a bigger supply chain, which could mean they’re the gateway in for a larger security breach. This method of attack is surprisingly common. You might have read about US retailer Target breaching the credit card and contact information of up to 110 million people after attackers gained access through a smaller air conditioning partner.

Then there’s lack of awareness. Many SMEs simply haven’t heard about DDoS attacks – or know that a web application firewall (WAF) could help to protect them.

How to protect your SME from a DDoS attack

Small businesses need a game plan for identifying and dealing with cyber-attacks. That includes DDoS attacks that might, at first, look like common website usability problems. It could include:

1. Using a web application firewall (WAF), which blocks suspicious traffic and prevents DDoS attacks from accessing your servers. Customising its configuration could provide specific protection for your business. For instance, if you only do business in Europe, you could block all non-European traffic, or blacklist traffic from markets known for instigating attacks.
2. Get cyber aware. Arm your team with the latest on cyber threats, so they know what to look out for, and what to do in an attack. A random spike in traffic – even if only for five minutes – could be a sign of a DDoS attack in progress. We offer cyber awareness training delivered as an e-learning programme, designed to help your team make the right decisions when it counts. Think of it as your human firewall.
3. Bringing an IT partner on board. We work with London’s small businesses to help keep them protected from the latest threats, so they can do what they do best. It’s like having a whole team of cyber security experts at your fingertips, for a lot less than hiring a dedicated in-house IT department. As a managed service provider, it’s our job to monitor unusual activity on your networks, and have an awareness of how attacks are evolving. Let us take cyber security off your plate.

DDoS attacks can have a catastrophic effect on small businesses. You can help keep your SME secure by implementing some of these security changes. We’re here to help you do it. Contact us to talk about protecting your business.