Product and service reviews are conducted independently by our editorial team, but we sometimes make money when you click on links. Learn more.

Too Many Small Businesses Aren't Prepared for a DDoS Attack

By - Source: Toms IT Pro
Tags :

Credit: ShutterstockCredit: ShutterstockThere has been a significant rise in Distributed Denial of Service (DDoS) attacks in the last quarter of 2016, according to a report from Kaspersky Lab. This increase is due in part to the use of Internet of Things devices to facilitate these attacks against business websites. A DDoS attack can be costly to a company in both lost revenue during the period the site was unavailable and in reputation.

DDoS attacks against large corporations garner most of the attention, such as last fall's attack on Dyn, a company responsible for the domain name system (DNS) for many of the most well-known entities on the internet. Organizations are at high risk for such attacks because, as another Kaspersky Lab study revealed, they are unclear on how to respond.  Four in ten believe that protecting DDoS attacks is the responsibility of the ISP and another 30 percent think their data center will provide that protection.

While small businesses don't suffer DDoS attacks at the same level as large enterprise, when it does happen, the risks are even greater.

MORE: DDoS Attacks Took Down the Internet: What You Need to Know

"DDoS attacks are a huge problem because small businesses think they're immune to them because they are small, so they're ill prepared," David Bourgeois, CEO of My IT. "Most attacks happen blindly because hackers use bots to randomly comb the internet looking for open ports, then they attack what they find without knowing who they are attacking in most cases."

These attacks, Bourgeois added, overwhelm, slow down, and potentially shut down your network, which impacts your legitimate users (clients, employees, prospective customers) because they cannot access your data or frustrates them because of the delay. And these delays aren't a few minutes of downtime. According to the Kasperky report, the longest DDoS attack of the year occurred in Q4 2016, which lasted for 292 hours or 12.2 days. No small business can afford to be down that long.

The reason is clear: Small businesses rely on the internet and online connections for day-to-day operations. At the same time, small businesses fall behind on internet security practices. As the National Cyber Security Alliance reported, most small businesses have sensitive data to protect, but employees aren't educated in basic security nor do they have a plan in place to promote cybersecurity. Nor do most small businesses have the resources to address cybersecurity, and without that, said Andrey Pozhogin, cybersecurity expert, Kaspersky Lab North America, it is very difficult for a company to address DDoS attacks.

"While no company big or small can be successful in fighting off a DDoS attack unless this is a part of their core business (as it requires not only know how, but also prohibitively expensive infrastructure in place), larger companies usually do have resources to partner with a defending vendor," Pozhogin stated. "Small businesses have much less flexibility given the resource constraint and often they simply employ 'wait through' tactic hoping for understanding and relying on PR departments to help preserve their customer and partner base."

Unless the company has expertise and expensive infrastructure, chances to fight off a targeted DDoS attack are minimal. Way too often the mitigation actions lie outside of the technology domain relying on PR and marketing departments to maintain relationships with partners and customers, Pozhogin added.

One reason why small businesses are slow to address DDoS attacks is because they think that they are too small to attract interest from cybercriminals, hacktivists or hackers. They believe the idea of "it will never happen to us," said BabaTunde Odeleye, Managing Consultant - Information Security Practice with Advanced Technology Group, PCM.

"In reality, the exact opposite is true. SMBs are now being targeted specifically by malicious attackers because they're generally low-hanging fruits," explained Odeleye. "It is common knowledge in the malicious community that small businesses tend to have lower defenses compared to larger organizations, usually due to lack of financial and human resources."

Prevention is the key in mitigating DDoS attacks because once the attack begins, there is little that can be done to stop it. Therefore, advised Odeleye, the first step in identifying mitigation strategies against any form of cyberattack including DDoS is to perform a cybersecurity risk assessment to identify the risk exposure of the business. "This enables the business stakeholders to identify their exposure to DDoS attacks but more important, determine the severity and impact to their business. The results from the assessment enables the business to more effective plan its DDoS mitigation strategy."

Also, Bourgeois added, small businesses can monitor their bandwidth and be alerted when things spike, which potentially can be a DDoS attack or virus. Businesses need to be aware as well that not only can they be the victim of a DDoS attack, but the cause of another company's attack.
"To prevent viruses and malware from entering your network and infecting your machine to use for DDoS attacks on someone else, which still eats up your outward bandwidth, you need to have a good anti-virus software, regularly update/patch your computers and mobile devices, and use email filtering with Advanced Threat Detection (ATD)," Bourgeois said.

DDoS attacks can be devastating to a small business, especially if they rely on the internet for key areas of their operation. By incorporating the risk of DDoS into a business's threat model, said Pozhogin, small businesses will be enabled to size up the risk and understand what resources they have at their disposal to prevent, or mitigate an incident.