A number of security providers such as Cloudflare, Akamai and Arbor Networks, specializing in blunting denial-of-service (DDoS) attacks, are helping new Internet-based businesses survive ransom threats by cybercriminals to crash their businesses.
By collaborating with security developers, channel partners may see an opportunity to help smaller customers avert a cybercrime that could threaten their businesses right out of the gate.
Hackers demanding ransom in Bitcoins as payment for not crashing a business’s website by flooding it with traffic have hit newbies such as the New York-based Meetup, a company that connects people offline; Vimeo, a video-sharing business; Bitly, the URL shortening company; Shutterstock, a stock photography agency; and others, according to a New York Times report.
The Times’ report describes an attack on Meetup in which hackers demanded immediate payment of $300 worth of Bitcoins to avoid knocking the company’s website offline with a crippling overflow of server traffic. Meetup’s executives declined to pay and within minutes the company was hit with a traffic flow 40 times normal that crashed its website for four days.
“There’s the moral hazard of engaging,” Brendan McGovern, Meetup’s chief financial officer (CFO), told the Times. “Because if you were to pay, you can’t take them at their word that they will halt, or worse, you’ll get your name on a list in the criminal hacker world saying that you are a company that’s willing to pay.”
McGovern described the DDoS attack as similar to getting overrun by zombies. “Imagine you run a coffee shop,” he said. “And zombies start coming in — millions of zombies — and you can’t sell coffee.”
One solution to the wave of DDoS attacks is for businesses to spread their traffic across a number of data centers, which Cloudflare, a 4-year-old San Francisco-based security provider, subsequently did for Meetup—offering it a cloud service to pre-empt another DDoS attack before it hit the company’s network. According to the Times account, Cloudflare’s sales skyrocketed some 450 percent last year, partially owing to the growing incidence of DDoS attacks.
Bigger security players are also expanding to cover DDoS technology. Last December, Akamai bought Prolexic, a Hollywood, Fla.-based DDoS specialist, for $370 million, a move the vendor said was important to its overall product portfolio.
Perhaps the most visible of recent DDoS attacks occurred last November when the hacking group Anonymous took down a number of Microsoft (MSFT) services, including Hotmail, MSN, Live, Outlook and the company’s website in a well-publicized outage the perpetrator later claimed was a mistargeted barrage.