Have you ever tried to buy tickets for a huge event but couldn’t finish the transaction with all the site crashes and freezes? This was probably because the seller’s website collapsed under the weight of thousands of people trying to do the same thing at the same time. Ticket sites like that fall over all the time, usually temporarily. It happens because the server hosting the website is getting overloaded with traffic it doesn’t have the capacity for.
But you don’t have to have an immensely popular website to get your servers overloaded by incoming traffic. Cybercriminals or jealous competitors can simulate this wave of user requests to your server in an attempt to shut it down. It’s called Distributed Denial of Service (DDoS). It exploits the same principle but instead of actual users signals are generated by bots or hacked computers.
When cybercriminals start a DDoS attack they flood the server with fake traffic to overwhelm the system and hopefully break it. As a result, legitimate users or the business itself are unable to access web pages. Usually, this leads to a business’s website and services being unresponsive for as long as attackers continue to funnel fake traffic to that website. However, more serious implications can follow afterward. It is not uncommon, especially for older and cheaper servers, to short-circuit or catch fire from getting overheated.
Last year an average DDoS attack lasted about 8.67 hours with the longest one being 66 hours. This may not seem like a particularly long time for a person, however, for a business, it is costly. And it is not just about sales, think about damaged reputation and negative customer experiences accumulated during these 8+ hours. If you are in a competitive industry, where clients are not very brand-loyal, you may see a solid chunk of your customer base no longer return to your website ever again.
What is more alarming is that these DDoS attacks are getting worse. They do not just last longer but are also growing in volume and complexity. The biggest DDoS attack blocked, was reported to have sent 71 million requests per SECOND to the target business’ website servers during its peak. Before this, the biggest reported incident had 46 million requests per second in 2022.
What’s even worse is that cybercriminals no longer wait to be hired for a DDoS attack. They are actively attacking successful online businesses and demanding payments. If the ransom is paid then cybercriminals stop their attacks, but if it is not paid then cybercriminals continue disrupting the victim’s operations until the victim pays or goes out of business.
What does this mean for you and your business?
It means you should check if all your cybersecurity measures are up-to-date and working as they should be. Are your firewalls up to the task, with DDoS monitoring and prevention tools set up? And is your team fully aware of the importance of staying vigilant? You might think that your business is too small to be targeted by cybercriminals but you would be wrong, cybercriminals prefer to attack smaller businesses.
We can help you make sure your business stays protected. Just get in touch.