SMB Lessons From DDoS Cyber Attack Wave

By | Oct 25, 2012

The U.S. Department of Homeland Security suggested that companies should pool together resources to counter recent cyber attacks on American banks.

A recent Computerworld article reported on the comments made by deputy undersecretary for cybersecurity Mark Weatherford. Weatherford addressed a security awareness conference in California. His remarks come after American banks have been dealing with a string of distributed denial of service (DDoS) attacks on their websites.

DDoS attacks seek to push websites offline by overloading them with junk traffic so they cannot handle legitimate requests from users. In recent years, DDoS tools and botnets have filtered down to affect small and midsize businesses.

Weatherford suggests that companies in the same industry could possibly share resources to mitigate attacks and that collaboration could also cut down the cost of attack mitigation between similar companies. He also noted that he wasn't sure if his idea was legal or conceptually possible but rather an important possibility to think about.

The SMB Concern

Although the attacks, which Iranian hackers have claimed, hit the big banks, including Wells Fargo, Citigroup, Bank of America, and JPMorgan Chase, small and midsize businesses should be on alert as well. Since the most recent victims seem to be big banking institutions, there is naturally a perception among many small and midsize businesses that the same thing can't really happen to them.

However, the relative simplicity of the IT infrastructure at small and midsize businesses is the very reason there is a legitimate risk. Enterprises tend to go beyond firewalls and really secure their data - yet these attacks happen. Small and midsize businesses can often get complacent thinking their data isn't a target like the big guys' and fail to truly evaluate their security.

Considering Finance and DDoS

Specifically within the financial sector, small and midsize businesses share the same concerns as the large banks making the headlines. Cyber criminals are now targeting smaller organizations with the same intensity. They target data stored at small and midsize businesses as easy targets. As a result, small and midsize businesses are becoming more resilient and they are looking to detect ongoing attacks and understand network traffic. DDoS service providers now find that their services to customize solutions for small and midsize businesses are becoming necessary. They have the expertise to determine if a business can survive a potential attack.

As big financial institutions consider ways to work together to fight the latest round of cyber attacks on their websites, small and midsize businesses are beginning to learn from their actions. They are taking a closer look at security measures now, more than ever. As this is achieved that means there will be a continued acceptance and realization that all types of cybercrime, even the kind hitting the big guys, can also happen to them.

This post was written as part of the IBM for Midsize Business program, which provides midsize businesses with the tools, expertise and solutions they need to become engines of a smarter planet. Like us on Facebook. Follow us on Twitter.

IBM Solution Security & Resiliency

IBM IT security expertise can help medium-sized businesses develop, implement and maintain comprehensive strategies to combat ever-evolving security threats without increasing complexity, cost, or resources required for administration.

Learn More »

More on This Topic

Three Security Concerns for 2016

By Allan Pratt on Dec 4, 2015
As we near the end of 2015, what will 2016 look like in the information security sector? Undoubtedly there be an increase in data breaches across all industries, but will businesses take the high road and inform their customers and ...