It seems hard to believe that Christmas is almost upon us again, and many businesses will be turning their minds to Black Friday and focusing on driving up online sales. This is something that cybercriminals will also be aware of, and there is plenty of guidance to protect consumers in this area. But what if you are the vendor? What do you need to be aware of?

Well, there is a type of cyber-attack called a distributed denial of service, usually abbreviated to DDOS. You may recall a few Christmases ago when the Xbox and PlayStation gaming networks were hit on Christmas Day causing upset for many online gamers. You may be thinking ‘what on earth is that?’, and what is the relevance to me as a small business?

A DDoS attack is a cyber-attack which disrupts a machine or network resource making it unavailable. This form of attack usually means the criminal uses a whole network of devices which have been compromised by malware and can be made up of computers and Internet of Things devices. This is referred to as a botnet.

Common targets are websites, which can be attacked by flooding it with fake requests from the botnet, slowing it down or making it unavailable to customers. A DDoS can also potentially target any internet-facing services which could lead to the disruption of your daily business. The attack is increasingly accompanied by a ransom demand, with the disruption continuing until payment is made.

In a recent report by Cloudflare, DDoS ransom attacks were described as being on the rise, with a 67% increase year on year. The report also highlights that December last year was the month when most attacks happened. So, if you become the victim of this cybercrime, it could have a significant impact on your Christmas season sales, which can result in costly downtime, lost revenue and reputational damage to those businesses relying on the internet to do business.

It’s not possible to fully mitigate against a DDoS cyber-attack, but there are steps you can take to better prepare your cyber security should an incident happen. The National Cyber Security Centre provides guidance on this and recommends five essential practices:

1. Understand the points in your service where resources can be overloaded or exhausted. Determine whether you, or a supplier, are responsible for each.

2. Ensure your service providers are ready to deal with resource exhaustion in places where they are uniquely placed to help.

3. Ensure your service can scale to deal with surges in concurrent sessions.

4. Have a response plan. You should design your service, and plan your response to an attack, so that the service can continue to operate, albeit in a degraded fashion.

5. Testing and monitoring. Gain confidence in your cyber defenses by testing them, which will help you notice if a cyber-attack starts by having the right tooling in place.

The Cyber Resilience Centre for Wales offers cyber security services at a discounted rate, and we are committed to using ‘non-jargon’, plain language. We are also able to recommend you to our network of trusted partners which are accredited by IASME, the accreditation body appointed by the National Cyber Security Centre to oversee the Cyber Essentials/Cyber Essentials Plus schemes. As such, they have a sound understanding of the most common cyber technical controls. If you are interested in finding more out about these services, please contact us.

If you do become a victim of a DDoS ransom or any form of cybercrime, contact Action Fraud to report the incident to the police.