Dozens of online florists saw themselves struck by targeted distributed denial-of-service (DDoS) attacks leading up to Valentine's Day this year.
DDoS-mitigation firm Incapsula writes in a blog post how 34 of their online florist customers witnessed an increase in bot traffic between February 6 and February 12. Of those affected sites, some 91 percent showed elevated attack traffic during that period, with 23% reporting a sharp increase.
"There does not appear to be a trend in attacks against all online florists, but rather targeted attacks. In fact, one of our customers reported receiving a ransom note."
One of Incapsula's customers saw more than 20,000 blocked traffic requests/second on the morning of February 4. In another instance, an online florist's website crashed after its content delivery network (CDN) interpreted the attack traffic as legitimate user sessions and routed the traffic through the origin servers, thereby overloading the site's cache capacity.
Being knocked offline could, no doubt, have led to a huge loss in revenue on what florists worldwide consider the busiest day of the year.
"Attackers know when and how to hit where it hurts the most; targeting florist websites during one of their busiest Holidays is not a coincidence," Stephanie Weagle, vice president of Corero Network Security, told SC Magazine. "Knocking a revenue generating web site or application offline with a DDoS attack is not a difficult task, and we see real-world examples of these instances regularly."
It is interesting to note that these attacks, some of which originated from the United Kingdom, France, and Latvia, leveraged old vulnerabilities such as Shellshock.
Clearly, criminals have no qualms about resorting to DDoS attacks as a method to deprive businesses of revenue or to extort money for themselves.
But there are ways businesses can protect themselves. First and foremost, they should never pay a ransom fee.
"If a company is being held to ransom by a criminal DDoS gang it should inform law enforcement immediately and issue a statement to its customers where industry practice allows," Lee Munson told SC Magazine. "Under no circumstances should any business cave in and pay up as that only marks the business as a future target for the same or other criminal gangs."
Businesses can also monitor their traffic and keep an eye out on social media for signs of an impending attack. In the meantime, they would be wise to invest in some DDoS mitigation technologies and to formulate a plan they can follow in the event that an attack does occur.