Nothing says ‘I Love You’ like a DDoS attack

Nothing says I Love You like a DDoS attack

What did you get your loved one for Valentine’s day? If you ordered flowers online, you might have found it more difficult than expected as florists were receiving a lot of unwanted attention from cyber criminals. Cyber criminals have shown a tendency to exploit major news and seasonal events to slip phishing and other malicious attacks past unwary victims. And this is what happened in the run-up to Valentine’s Day.

All the florist customers of security vendor Imperva experienced a sharp spike in traffic. While some extra traffic is to be expected, considering the rush to order flowers, a lot of it is not. Imperva said that more than 90% of the florist sites saw a sudden surge in traffic between February 5 and February 11. In about 23% of the cases, the spike was dramatic enough to cause problems.

It looked as if the florists were individually targeted in distributed denial-of-service (DDoS) attacks apparently designed to extort money from them. One reportedly receiving a ransom note, while another experienced an attack that resulted in the site going down under the DDoS traffic. Traffic appears to have had come from the UK, France and Latvia. Attackers were still going after old vulnerabilities such as Shellshock in an attempt to breach systems.

If you have a business with seasonal peaks, you should have a tested contingency plan to handle these types of issues before you reach your key period. Get in touch for practical advice on how to create and test contingency plans so you don’t lose business and damage your reputation.