The first step in dealing with your organisation’s cyber security is embracing the fact that you are in fact at risk in the first place.

With 5.5 million suspicious e-mail reports in the UK alone last year – where a high number were almost certainly linked to attempted network breaches and ransomware - it is clear to see the scale of the problem. And whilst the high-profile attack on Tesco on October 2021 is the sort of attack that the media promote, it remains the case that smaller retail businesses are more frequently targeted. The impact on a small food producer losing its data may not just be detrimental – Tesco may have lost over £50 million in lost sales and revenue as a result of the attack - it can close them down for good.

DDoS assaults account for 21 percent of all cyberattacks against online retailers, so they are a significant threat, and one that needs to be considered when preparing your cyber defences.

So, what is a DDoS attack?

A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt the normal traffic of a targeted server, website, or network by overwhelming it with a flood of Internet traffic.

DDoS attacks frequently come from multiple sources to make their identification more difficult. It can also hinder the victim organization’s attempts to stop the DDoS.

In lay terms it’s like an unexpected traffic jam clogging up the highway, preventing regular traffic from arriving at its destination.

DDoS normally present themselves, as you would expect, by a slowing or crashing of a company’s network or website. Which costs you time, reputation and money and potentially drives your customers to competitors websites.

But why would it happen to you?

As with most cyber-attacks, they are about money. So, you will probably find a ransom demand coupled with the attack itself – pay up to stop the attack or it will just keep going. And that can be fatal for a small business retailer.

Can you protect yourself from these attacks?

DDoS attacks are notoriously difficult to prevent. The attackers don’t necessarily need internal access to the network as the attack is from the outside – which is why website and external network security are crucial when making your retail business more resilient. DDoS continues to increase in complexity and sophistication meaning that defense against these dark arts needs continual review. But the key points for protection to remember are:-

• Know your network's traffic. A free tool that we can recommend here is Police CyberAlarm
• Create a Denial-of-Service Response Plan within your incident response plan
• Make your network resilient and practice good cyber hygiene – using CE principles
• Scale up your bandwidth. The greater the bandwidth the more effort a DDoS attacker will have to make to crash your site. Moving your operation to the cloud may help.
• Take advantage of anti-DDoS hardware and software. Speak to your Managed Service Provider (MSP) if you have one.
• Make sure all staff know the symptoms of an attack and respond quickly to it using your plan.

What next?

The impact of a successful attack against your website or network can be catastrophic and lead to website downtime, loss of business and loss of reputation. In the worst cases it can lead to the closure of the business altogether. But all is not lost.

So, what can I do?

Here at the centre, we would advise you to do three things now:-

• Know your risk. What systems/tools/technology have you got that you simply could not function without? If you did get a DDOS attack, could you still function? Build your cyber resilience plan around the key assets to keep your business function, no matter the situation.
• Join our growing community by signing up to free core membership of the Eastern Cyber Resilience Centre. You will be supported through implementing the changes you need to make to protect your business and your customers. This includes our free Little Steps pathway we provide to Cyber Essentials – the basic government backed kite mark standard for cyber security. Join the centre as a free member and we will take you as far as the CE accreditation process. And if you want to pay for the assessment, we can refer you one of our Trusted Partners – all regionally based cyber security companies that can help you become accredited. And remember that a company operating under Cyber Essentials processes is 99% protected either fully or partially from today’s common cyber-attacks.
• We would also recommend that you speak to your Managed Service Provider and / or website company (if you have one) to discuss how they can implement cyber resilience measures on your behalf.

Reporting a live cyber-attack 24/7

​If you are a business, charity or other organisation which is currently suffering a live cyber-attack (in progress), please call Action Fraud on 0300 123 2040 immediately. This service is available 24 hours a day, 7 days a week.

Reporting a cyber-attack which isn't ongoing ​

Please report online to Action Fraud, the UK's national reporting centre for fraud and cybercrime. You can report cybercrime online at any time using the online reporting tool, which will guide you through simple questions to identify what has happened. Action Fraud advisors can also provide the help, support, and advice you need.

Alternatively, you can call Action Fraud on 0300 123 2040 (textphone 0300 123 2050).