A distributed denial-of-service (DDoS) attack can take down an organization’s website — and even big brands are not safe from it. In December 2015, the BBC suffered one of the biggest DDoS attacks yet. The incident, which lasted more than three hours, caused the BBC’s website to display error messages and some of its pages to load longer than usual.
A DDoS attack is a type of cyberattack that disrupts a network, server, or system by swamping it with more traffic than it can handle. The term “distributed” in its name indicates that the attack is launched from multiple devices. If your business is hit with a DDoS attack, you may experience the following consequences:
#1. Your website goes down
A severe DDoS attack can shut down your website altogether, preventing visitors from accessing your content. If you own an eCommerce store or any business that depends on your website to make a profit, downtime that lasts even just a few hours can result in huge financial losses.
Take for example what happened in 2015 when a DDoS attack hit internet performance management company Dyn, momentarily taking down major eCommerce players like Shopify, Amazon, Etsy, and even PayPal. Estimates suggest that Shopify may have lost up to $12,000 per hour, while Amazon likely lost up to $50 million per day as a result of the attack.
#2. Your productivity plunges
Even if an attack doesn’t fully incapacitate your system, it will make processes run much more slowly. The sheer volume of abnormal traffic congests your system’s channels, increasing the amount of time it takes to receive and respond to requests, let alone accomplish tasks.
#3. Your reputation suffers
In the aftermath of the DDoS attack on the BBC, the company was inundated by massive backlash from disgruntled users on social media. Imagine how damaging a similar incident can be to the reputation of a smaller business with less clout.
Customers choose companies they can trust, and being vulnerable to cyberattacks does not make your business appear reliable at all. Suffering a DDoS attack will put your company in a bad light and make your customers think twice about doing business with you or leaving their personal information in your care.
#4. Your SEO rankings can take a hit
If your website is slow or inactive, Google is likely to lower its rank in the results pages, making your business less visible to potential customers. Google won’t consider that the problem is caused by a DDoS attack. If the problem is not resolved immediately, the search engine will interpret your laggy loading speeds as the new status quo and will recalculate your ranking accordingly.
#5. You could lose data
A DDoS attack frequently precedes a data breach. It is used to take down a company’s firewalls or distract its IT teams from the incoming data theft. A dated, albeit very relevant, example happened to Sony when a coordinated DDoS attack in 2011 distracted the company while hackers stole account information from over 77 million users on the PlayStation Network and Qriocity.
How do you protect your business from a DDoS attack?
As a business owner, you need to know the nature and the warning signs of a DDoS attack. You also need to familiarize yourself with your system’s typical inbound traffic profile. These will allow you to recognize an attack and respond to it as soon as possible.
Create a denial-of-service response plan that will cover everything from detection to resolution. The plan must detail which persons are in the response team and what their roles are, and whom to contact during the attack.
Work with IT experts who will monitor your network 24/7for abnormalities and resolve them before they can affect your operations. These experts can also help you select the tools — firewalls, VPNs, content filters, and others — that will boost your company’s protection from DDoS attacks and the security breaches that accompany them. Finally, these experts can help you polish your response plan and make it as efficient, effective, and actionable as possible.
Owning a small- to medium-sized business (SMB) is no guarantee that cybercriminals will not attempt to hack your network. This mindset of “they won’t find much to steal here” is common among small business owners when it comes to cybersecurity, and it could cause problems for you in the long run.