Amazon was one of several companies to be threatened with attack from pro-WikiLeaks group Anonymous recently. The group managed to cause problems for payments giants MasterCard and PayPal, but appeared to admit short-term defeat when it came to bringing down Amazon.
Amazon was one of several companies to be threatened with attack from pro-WikiLeaks group Anonymous recently. The group managed to cause problems for payments giants MasterCard and PayPal, but appeared to admit short-term defeat when it came to bringing down Amazon. The etail giant did see some service interruptions a couple of days later but said these were down to hardware problems, not cyber attacks.
Members of Anonymous posted on Twitter that it was too big for their preferred method of attack, Distributed Denial of Service attack (DDoS), and they later released a press statement saying they’d decided not to attack the retailer because they didn’t want to make customers feel threatened as they shopped for Christmas gifts (apparently their mission is to raise awareness by disrupting service, not to cause chaos for users).
DDoS attacks can be catastrophic for retailers, being comparatively easy to carry out and expensive to handle. Not only does a company lose sales, it incurs costs by enlisting the help of suppliers to deal with it. A DDoS attack generally involves large numbers of computers being used to try and overwhelm a site’s server with high volumes of traffic, causing performance issues.
The reason Anonymous faltered when it came to attacking Amazon is probably partly down to its size. The etailer is used to dealing with lots of visitors – while MasterCard and Visa might not expect to be hit with high levels of traffic at a single time, Amazon is built for it. It will test its software with levels of traffic way above what it actually expects to get, making it resilient to this kind of attack. The company also has a diverse IT infrastructre, with servers all over the world. If one server does fall victim to a DDoS, in theory others could step in and take over.
Not all retailers are Amazon’s size, but there are still things they can do to protect themselves. To start with websites should be tested with at least ten times the amount of traffic they’re expected to get. There are also third-party services available that can monitor websites and send a phone alert if problems are found, and it’s a good idea to get out-of-hours numbers from internet service providers as DDoS attacks often happen outside of office hours.
No comments yet