It seems like zombies are everywhere these days, from starring in TV shows like “The Walking Dead” to chasing Brad Pitt and Will Smith across the movie screen. They’re also popping up in businesses—not as pale, shuffling corpses but as computers that hackers take control of to attack other websites or servers. What they are able to do can be just as frightening.
This type of cyber threat, called a Distributed Denial of Service (DDoS) attack, can affect businesses in two ways:
- Infected “zombie” computers often run so slowly they grind a business’s productivity to a halt.
- Companies that hackers target for DDoS attacks can lose significant revenue if their websites can’t be accessed while under siege.
I’ve been reading up on DDoS attacks because of the dangers they pose to small businesses. I really like how this video explains the basics of an attack and how you can help protect your systems. I was surprised by how quickly an attack can spread, as illustrated in this infographic.
Hackers often seek out small companies that don’t have the resources to protect themselves. Once the attacks start, they can be difficult to stop and can last a few days to more than a week. Believe me when I say the more you know about these attacks, the better prepared you can be to handle them.
DDoS, in a nutshell
To stage a DDoS attack, hackers scan the Internet for computers that aren’t secure. Then they infect the computers with a type of software called malware that lets them take control of the computer network. Once hackers create enough zombie machines—perhaps tens or hundreds of thousands—they use them to flood specific websites with so much traffic that the sites are knocked offline.
DDoS attacks can be particularly damaging to retailers, who may lose revenues and customer goodwill. I know if a website I’m trying to shop from is down or I can’t complete my order, I’ll just move along to another site. Multiply me by a few dozen or few hundred (or whatever the case may be for your business), and you see the risk.
Fight zombies with strong security
There may be no foolproof way to prevent DDoS attacks, but I believe a proactive approach can help make you less vulnerable. I recommend starting with these steps:
- Talk with your IT vendors. Learn about the security capabilities of your IT service providers, including your Web hosting service and Internet service provider. Ask if they’re able to identify and defend against DDoS attacks aimed at your network.
- Review your security measures. I’m a big believer in the basics, such as making sure firewalls and anti-virus software are installed and employees download security updates for their operating systems and Web browsers. Taking measures like these and others from the FCC can make it harder for hackers to break in.
- Write a short cyber response plan. Have the information you would need to respond to an attack in one place, including account information for your service providers and who to speak with at each company. Establish a chain of command: for example, do you have someone on staff who handles IT issues? Clarifying these details beforehand can save you valuable time if an attack happens.
Strengthening your Internet security and crafting a response plan can help you keep zombies at bay. At a time when DDoS attacks and other cyber threats are on the rise, these steps are simply good business practice.
Have you been affected by a DDoS attack? How do you help keep your business safe from cyber threats? I’d love to hear about your experiences.