Member Article
IT expert warns SMEs to beware of cybercriminals
News that cybercriminals can now buy distributed denial of service (DDoS) attacks for just £1.32 from a ‘rampant online marketplace of tools and services’ is not good for small to medium businesses with no defence in place for reasons of cost and/or lack of IT resource.
Leading IT expert, Jeff Orr from Stack Data Solutions in Aintree, said attacks have previously been aimed at large organisations like governments or large corporations like Starbucks, which have the financial muscle to commit large spend on defending themselves. Yet the low cost of purchasing a DDoS attack means that petty vendettas against smaller businesses, using cyberattacks, could become not only a reality, but a common occurrence. Such cybercrime will not necessarily be elaborate and will not require any technical expertise if it is simply bought in.
He explains: “DDoS attacks are normally achieved by using computers known as bots – short for robots – that have been compromised by a hacker or virus. Put simply, those controlling these compromised computers will send out a command to drive all traffic to the target they wish to attack, rendering them unable to function, crashing websites and so on.
“Previously, it was complex to carry out attacks like these, as the bots software would have to be designed. However, a study by McAfee recently highlighted a service offering to launch a DDoS attack on behalf of would-be attackers from just £1.32. If attacks can be bought for so little they are opened up to the average Joe in the street who may just be annoyed by a particular business or website. In effect, they could go on to attack or hurt whoever has upset them simply by telling the attackers which site they would like to target and paying them peanuts to do so.
“That business would be protected, however, if it had a sophisticated firewall in place to prevent such attacks from having any effect.
“What happens during a DDoS, is that the memory of the attacked computer is consumed. An attack intends to make the server run out of memory and attempts to take up all bandwidth. Smaller organisations have less bandwidth and memory and the only way to for them to defeat a DDoS attack is to have a firewall in place, which is capable of recognising it and dropping the attack packets, while admitting the commercial packets.
“While some may balk at a financial outlay for which they see no tangible benefit, business would be wise to look at it alongside the long term costs of downtime and the loss of profits. Prevention is always far better and most often cheaper than cure!”
For more information on Stack’s bespoke IT services call 0151 521 2202 or email sales@stack.co.uk
This was posted in Bdaily's Members' News section by Dan Minchin .