With the holiday shopping season in full swing, some Internet security experts are worried that ecommerce sites may be especially vulnerable to distributed denial of service attacks from hackers, thieves, or even unscrupulous competitors.
A distributed denial of service — DDoS — attack happens when many computers maliciously send requests, packets, or data to a particular web server, overwhelming it and either slowing it to a crawl or bringing it down altogether. DDoS attacks against online retailers are often intended to cost the victim profits that might have otherwise been realized.
Understanding the DDoS Threat
According to a comScore report released last week, 2011 holiday cyber sales in the U.S. may exceed $37 billion. Online stores that loose the opportunity to sell products because of the effects of a DDoS attack would certainly see a difference in the bottom line.
Ecommerce “is a very attractive target for DDoS attacks, typically perpetrated by cyber-criminals who extort money under threat of attack, and unscrupulous competitors who sabotage other companies’ websites to undermine customer confidence and drive increased traffic to their own,” explained online security firm, Corero Network Security.
“Many high-profile and damaging DDoS attacks have made headlines in 2011, and in some instances the results have crippled the websites of Fortune 500 companies,” said Mike Paquette, chief strategy officer, for the aforementioned Corero Network Security. “The bottom line is that retailers and other blue chip corporations need to improve their defensive posture against DDoS attacks, as criminals and “hactivists” have significantly increased the frequency and sophistication of DDoS attacks they employ.”
How Real Is the Threat?
Published estimates, from companies like Corero, suggest that overall frequency of DDoS attacks has risen about 30 percent in recent years, but there are also indications that these attacks continue to be aimed at large brands.
This means that the risk to small or mid-sized retailers could be significantly less. Merchants that rely on hosting companies, which offer managed services — think Firehost, Media Temple, Rackspace, or similar — probably have little to worry about since these sorts of hosting companies typically have DDoS attack response plans in place and will act on the merchant’s behalf.
Generally speaking, merchants relying on cloud hosting from a reputable provider, should also be relatively safe, but certainly not immune.
Retailers that use some form of shared hosting plan, which will almost certainly have bandwidth limits, are vulnerable to DDoS attacks, but may not be well known enough to attract hackers’ attention. These businesses, however, could be subject to DDoS extortion or criminal competitors.
For these companies it is important to report any DDoS threats to the police immediately, and carefully monitor site traffic. Shared hosting plans typically do not allow for much control over the server, so if a merchant using one of these hosting services suspects that an attack may be happening, that merchant should contact the hosting provider.
Finally, merchants that host sites in-house will have to take full responsibility for dealing with potential attacks. This should include having a DDoS response plan in place and, depending on risk, deploying an on-premises DDoS defense — many of which are commercially available.
Some security experts believe that ecommerce sites may be particularly vulnerable to DDoS attacks this holiday shopping season. Online retailers would be wise to access that risk.