Avoiding Coal in the E-tailer Stocking: Defense.Net DDoS Mitigation Pioneer Shares Top Seven Tips for Protecting E-commerce Sites Against Attacks on Cyber Monday

Published November 25, 2013


Nathan Misner
Sr. Director of Global Communications
F5 Networks
(206) 272-7494

Holly Lancaster
WE Communications
(415) 547-7054

Steps Online Retailers Can Take to Avoid a Catastrophic Website Outage During the Most Critical Shopping Period of the Year

BELMONT, CALIF. – Defense.Net, the only company designed to mitigate the increasing scale and sophistication of modern Distributed Denial of Service (DDoS) attacks, today released the top seven tips for e-commerce sites to protect themselves against cyber-attacks during the busiest shopping season of the year. The tips, from cybersecurity and DDoS mitigation pioneer Barrett Lyon, come as new DDoS attacks that can disable the websites of even well-defended businesses, have increased in scale and frequency over the past 12 months.

“Online retailers and other companies that rely on their websites for conducting business need only look back to what happened to Burlington Coat Factory two years ago when a DDoS attack shut down their website for 45 hours,” said Barrett Lyon, founder and CTO of Defense.Net, whose pursuit of hackers operating as part of the Russian mob was chronicled in the best-selling book, Fatal System Error. “As 2013 has seen an unprecedented increase in DDoS attacks, there are some simple steps online retailers can take to avoid the devastating financial loss of a DDoS attack during the critical holiday shopping season or on Cyber Monday, the busiest online shopping day of the year.”

In DDoS attacks, perpetrators assemble an army of compromised computers (a botnet) to inundate a website with a volume of requests that overwhelms and crashes the website. Recently, the ease of access to sophisticated attack tools has advanced to a level where a botnet than can do millions of dollars of damage within minutes can be rented for $7 per hour. This has proliferated a weapon that was previously in the domain of sophisticated cybercriminals to a wide audience with varying motivations for attacking a website – from business competitors to disgruntled customers or former employees to extortionists to “hacktivists” that object to merchandise being sold. According to Forrester, the estimated impact can be around $2.1 million dollars lost for every four hours a website is down and $27 million for a 24-hour outage, depending on the size of the business.

“Too many businesses today believe that a DDoS attack ‘could never happen to me,’ but when I recently presented at the ‘Retail Center of Innovation’ event in Silicon Valley and spoke with the top brands participating at the event, more than one-third said their brands had been DDoS attacked within the past week,” said Chris Risley, CEO of Defense.Net. “If a hacker wanted to attack an e-commerce site and achieve the largest impact, Cyber Monday would be an obvious target. It’s more important than ever that retail sites prepare in advance and stay ahead of potential attacks.”

The top seven tips for retail e-commerce sites to protect themselves from a DDoS attack from Barrett Lyon of Defense.Net are:

1. Assess Your Risk and Avoid the “It Could Never Happen to Me” Syndrome

Assess Your Risk and Avoid the “It Could Never Happen to Me” Syndrome. Are there disgruntled customers, partners, former employees, etc. that could feel strongly enough to launch an attack against you? Do you sell items that could be considered objectionable by anyone, such as fur coats, items manufactured in actual or perceived “sweat shops,” etc.? Keep in mind that even if you believe there is no one that holds a grudge against your business, at any minute you could receive a “ransom note” from an extortionist that demands payment to prevent an imminent DDoS attack on your website.

2. Listen to the Chatter

Many hackers do so for recognition, especially in the case of DDoS attacks which are frequently used punitively versus other cybercrime where the perpetrator seeks financial gain. Keep abreast of news reports, blogs and forums such as Pastebin that hackers use to brag about their exploits so you can best prepare before an attack is launched. Closely monitor your brand on social media, as you’ll likely hear about an attack first on Twitter.

3. Talk to Your Service Provider

Most service providers will offer DDoS mitigation services at nominal cost. However, it is important to investigate the bandwidth resources of your service provider. Note that a large DDoS attack on one of your service provider’s other customers could take down that provider’s capability to protect any additional customers, leaving your site vulnerable. Another consideration: as attack mitigation is expensive and ancillary to their core business, most service providers will cancel your protection if you are regularly attacked.

4. Consider Additional Mitigation Resources

Research the options available for a more aggressive defense against DDoS attacks. Options range from building your own network to installing DDoS mitigation hardware to using the services of a cloud-based DDoS mitigation provider. These options vary in cost and complexity, but offer the best insurance policy against a catastrophic site outage. Note that if these systems are installed before an attack occurs, the mitigation will be significantly more effective and less expensive than bringing in mitigation once an attack has started.

5. Understand the Warning Signs that Your Site is Under Attack

DDoS attacks are often misdiagnosed as higher than normal levels of legitimate traffic. Retailers are especially vulnerable to this during the holiday shopping season when increases in traffic are expected, but the amount of increase is unpredictable. By working with your service provider or developing the internal capability to review the IP Addresses of the inbound traffic to your website, you can assess the legitimacy of the visitors to your site and deploy countermeasures before an attack overwhelms your defenses.

6. As a Last Resort, Know Who to Call in an Emergency

Prepare a list of the top mitigation services you can call in to get your site back up if it has been taken down by a DDoS attack. As noted above, this will be more expensive and will leave some “collateral damage” akin to the fire department that breaks windows and walls, leaves water damage, but extinguishes the fire.

7. During an Attack, Be Sure to Mind the Store

Recently, DDoS attacks have been launched as diversions for cybercriminals to steal credit card information or passwords, or to commit other cybercrime beyond taking down your website. In other cases, cybercriminals look for a site under DDoS attack and opportunistically attempt to steal data when the attention of the company is focused on the DDoS attack and restoring the website. Ensure that you are equally vigilant to pile on attacks when mitigating a DDoS attack.

For more information read Defense.Net Founder and CTO Barrett Lyon’s white paper on the DDos threat landscape.

About Defense.Net

Founded by Barrett Lyon, who created the Distributed Denial of Service (DDoS) attack mitigation industry more than 10 years ago, Defense.Net has combined the top minds in the DDoS space with breakthrough new technologies designed to effectively address today’s and tomorrow’s DDoS mitigation challenges. It is the only company to defend businesses and organizations against this new generation of massive and sophisticated DDoS attacks while delivering the highest levels of Internet application performance – two areas where legacy DDoS mitigation services have not been able to match the modern strategies of today’s cyberattackers. With increasing threats from the escalating scale and complexity of DDoS attacks and a growing number of antagonists willing to use them, Defense.Net protects organizations from modern attacks by providing end-users with a seamless experience as if no attack were occurring. The company has raised more than $9.5M in debt and equity financing with investors that include visionary security and Internet investor Bessemer Venture Partners (BVP).

Addendum: F5 Networks acquired Defense.Net in May 2014

About F5

F5 (NASDAQ: FFIV) makes apps go faster, smarter, and safer for the world’s largest businesses, service providers, governments, and consumer brands. F5 delivers cloud and security solutions that enable organizations to embrace the application infrastructure they choose without sacrificing speed and control. For more information, go to You can also follow @f5networks on Twitter or visit us on LinkedIn and Facebook for more information about F5, its partners, and technologies.

F5 is a trademark or service mark of F5 Networks, Inc., in the U.S. and other countries. All other product and company names herein may be trademarks of their respective owners.

# # #

This press release may contain forward looking statements relating to future events or future financial performance that involve risks and uncertainties. Such statements can be identified by terminology such as "may," "will," "should," "expects," "plans," "anticipates," "believes," "estimates," "predicts," "potential," or "continue," or the negative of such terms or comparable terms. These statements are only predictions and actual results could differ materially from those anticipated in these statements based upon a number of factors including those identified in the company's filings with the SEC.