Cybercriminals are not picky when it comes to the targets of their attacks. No matter the size of the company or the industry in which it operates, chances are it could be targeted by hackers in some way.
Still, many small- and medium-sized businesses falsely believe they are safe from such incidents. Some may believe they will be overlooked by cybercriminals, while others are confident that the data security measures they have installed are protection enough.
Either way, it's important that SMBs don't become complacent. According to a recent InformationWeek report, smaller companies are especially in need of a strategy for recovering from cyber attacks, specifically distributed denial-of-service (DDoS) threats.
DDoS attacks work by overloading a website with requests until it is knocked offline. Such an incident can be damaging for a company whose site serves as its primary communication vehicle with its customers, or whose site stores confidential data.
"If you don't plan, when you do actually have an event your response time and general reaction will be much more chaotic, and you'll have a much harder time defending against and mitigating a DDoS attack," Neustar director of security operations Ted Swearingen told InformationWeek.
Cybercriminals' affinity for DDoS attacks has been well documented. Last year, the group Anonymous used them to attack companies that spoke out against the massive data leak orchestrated by the whistleblower website WikiLeaks. Visa, Mastercard, PayPal and Amazon were among the companies that suffered downtime because of a DDoS attack in December.
Also, some experts have pointed to DDoS attacks as an Achilles heel of sorts for cloud computing solutions. According to a recent Computerworld report, that's because the availability of cloud-based apps and services is hindered by downtime.
Still, having a plan for recovering from such an attack, as InformationWeek suggested, can help ease the challenges of being faced with such a situation.
To start, SMBs should implement certain triggers that will allow them to detect when a DDoS attack is imminent. According to InformationWeek, such measures should include the traffic numbers and other data that will set off "alarm bells." The report said these benchmarks will change with each company, depending on the regular traffic levels, but are necessary to deal with an attack.
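One way to set such a trigger, as an added example that is not from the InformationWeek report or this article: derive the alarm threshold from the site's own normal requests per minute and alert only on sustained excess. The traffic figures, the multiplier `k` and the three-minute window are constructed assumptions.

```python
from statistics import median

# Constructed requests-per-minute samples from a normal period for two sites.
SMALL_SHOP_BASELINE = [40, 45, 38, 50, 42, 47, 41, 44, 39, 46]
BUSY_PORTAL_BASELINE = [900, 950, 880, 1000, 920, 970, 910, 940, 890, 960]
# Constructed incoming traffic: one short burst, then a sustained surge.
INCOMING_RPM = [45, 48, 300, 44, 400, 420, 450, 430, 60, 47]

def alarm_threshold(baseline_rpm, k=6, min_spread=1):
    """Threshold = median + k * MAD of the site's own normal traffic.

    MAD (median absolute deviation) is robust to a few odd minutes in the
    baseline. k and min_spread are assumed tuning values, not from the article.
    """
    med = median(baseline_rpm)
    mad = median(abs(x - med) for x in baseline_rpm)
    # min_spread keeps the threshold above the median when traffic is flat.
    return med + k * max(mad, min_spread)

def find_alarms(rpm_series, threshold, sustain=3):
    """Return the start index of each run that stays above threshold for
    at least `sustain` consecutive minutes; one-off bursts are ignored."""
    alarms, run_start = [], None
    for i, rpm in enumerate(rpm_series):
        if rpm > threshold:
            if run_start is None:
                run_start = i
            if i - run_start + 1 == sustain:
                alarms.append(run_start)
        else:
            run_start = None
    return alarms

if __name__ == "__main__":
    for name, baseline in [("small shop", SMALL_SHOP_BASELINE),
                           ("busy portal", BUSY_PORTAL_BASELINE)]:
        limit = alarm_threshold(baseline)
        print(name, "threshold:", limit,
              "alarms at minute:", find_alarms(INCOMING_RPM, limit))
```

The same incoming traffic raises an alarm for the small shop and none for the busy portal, which is why the benchmark has to come from each company's own regular traffic.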
Next, the company should consider customers and what it will tell them regarding the attack. Sooner or later something will have to be said as customers will be cut off from accessing the company's websites and perhaps even certain services. Transparency and filling in customers as much as possible could go a long way in keeping up their trust in the company's Internet security measures.
"If you're under a DDoS attack, the worst thing would be not knowing what you're going to say to your customer about it," Swearingen told InformationWeek.
Businesses should also understand that practice makes perfect with their DDoS recovery plans. Swearingen said the processes and strategies the company has devised should be tested, because "they're not much use" if they've never been put into practice.
An incident involving the Russian Embassy in London recently demonstrated how brazen cybercriminals can be with DDoS attacks. In a statement, the embassy announced that its website was unavailable between September 9 and 12 because it had been taken offline by hackers.
Russia responded by creating a "mirror" website to continue providing services prior to British Prime Minister David Cameron's diplomatic visit to Russia, according to the embassy statement.