TECHNICAL

DDoS Attacks: How to prevent the least and handle the worst

Introduction

Do you know how much an hour of downtime costs for your business? Statistics say, that depending on the size of the enterprise, the numbers can go up to $40,000 per hour of offline state. The more devices can be used to access your website and store — from desktops to Smart TVs, the more vulnerable the system becomes. Expanding your business to new sales channels feels great, but comes with a danger you might not be ready for. In this article, we will talk about ‘distributed denial of service’ attacks: what they are, how they work, and what you can do to stay invincible.

What is a DDoS attack?

When a DDoS attack happens, your website becomes unavailable due to overwhelming web traffic from different sources at the same time. It looks very similar to the situations your online store deals with on Black Friday, Christmas, and New Year eves, when accidental peaks of activity can make your store servers go down for some time.

But DDoS attacks are performed to break down your site by crashing its infrastructure. Therefore your site becomes unavailable for an uncertain period of time, and your customers are not able to buy anything from you during that period of time. What is more, DDoS attacks can go unnoticed for quite a long time, and you wouldn’t be able to provide customer support while your website or application is down. No sales, no feedback, drop-in visitors, and a damaged brand reputation is the result of a successful DDoS attack.

DDoS attacks come in form of thousands of repetitive requests coming from different compromised IP addresses. IP blocking isn’t the cure, since there are too many of them to track, and sometimes they are hard to distinguish from the legitimate traffic. Powerful servers are not the ultimate solution anymore, as internet access is coming to more and more devices, making it easier to plan knockdown attacks on websites.

What is at stake in the case of DDoS attack?

One in five customers says that they won’t return to the online store they had troubles with. Сconversion rates highly depend on your website speed and availability. A suspiciously slow online store throwing an error message every other time is the last thing that When you are offline, you can’t make money anymore.

Another underestimated danger is that no matter how small your business is, or how competitive your market is, it can happen to your store. The attackers can strive for you for different reasons: they can blackmail you for money or carry out someone’s order to bring you down. It is indeed good to remember that most ecommerce companies have experienced a DDoS attack at least once in the past, and 40% of ecommerce business owners still don’t know how to handle or prepare for a DDoS attack. What makes every ecommerce website vulnerable are targeted attacks on DNS providers. They can result in downtime for hundreds of websites. 

Is there anything you can do?

Protection from DDoS attacks must be a stable part of your online security strategy. If well-known and huge companies like BBC, GitHub, OVH have suffered and weren’t able to foresee and defeat an attack, how smaller enterprises and companies can? There are a few ways to prepare and fight off possible threats.

Unfortunately, DDoS attacks are not the easiest to identify from other normal peaks of web traffic. You can educate yourself and your employees to monitor and analyze data traffic, but you can always use services that can do this for you. Investing in anti-DDoS technology or service is highly recommended.

Obviously, you can’t do it all by yourself, and internet service providers you work with can help you prevent the worst. They can analyze data traffic, and detect when abnormally high numbers of requests go to your IP address. This is teamwork: if you feel like a DDoS attack can happen to your store, you can combine forces with the provider and develop a method to prevent the attack. There are a few methods to approach the monitoring: for example, specialists can remove all traffic not used by the customer, or set up filter lists for suspicious IP addresses. Another way to ensure ‘clear’ traffic is to flag and filter out harmful network packets.  

There are no limits of how severe the DDoS attacks can be — with every year they become cheaper to perform. During the attack, both your servers and devices of your customers can’t handle the logging anymore. Too many reboot requests cause a denial of service on every device possible and prevent the system from powering back until the attack is over.  It causes the chain reaction that is not the DDoS attack itself but makes it only stronger. The rule is: make sure to get rid of log files right after you know the attack is happening.

When the worst has happened, your only job will be to restore peace and bring your servers back, and there will be no time for careful planning a response. That means you have to do it beforehand. Having a plan will reduce the damage a DDoS attack can put on your business. You can prepare a contact list, a whitelist of IPs that are crucially important, and must be prioritized and allowed to the servers.

As a merchant, you should not only have a plan and wait for it to cover up the situation, you need to be sure that more or less obvious signs of attacks will be limited as soon as they appear.  There are ready-made commercial solutions that can take immediate care of your security problems, DDoS attacks included. One of them is the Security Suite extension by Neklo, which can notify you when there is a suspicious activity you need to know of and help to take preventive measures.

On a final note

DDoS attacks will remain the part of modern Internet culture, and that’s the way it is. The solution is not ultimate protection but the complex measures and monitoring provided by both automated security services and the human factors. Being educated on the problem is the first step on the way to curing it.

Subscribe to our newsletter with new materials

Related posts