Hackers attacking your site are not necessarily acting as individuals. Nearly two-thirds of all organized attacks or successful breaches originate from Eastern Europe. More and more, there are groups of cyber criminals acting together to target a specific online business. Why are they doing this? In almost all cases the answer is pretty simple; they do it for money. It is rare that hackers, or hacktivists are involved in attacking your site due to disagreement or protests due to current events.
Unless you are running an online business that is directly involved in a dispute over current heated topics at that particular time, you would be mostly involved with hackers trying to obtain confidential data or financial details of your clients. Being faced with a single hacker may not necessarily mean a better chance of defending your website from attacks every time, but it sure can be better than facing several at once.
What a hacker or cracker would be going for is not always the hardest sites to break into and making their clients give up important and confidential information and tricking them into making costly financial losses or stealing their identity.
It is easier for a hacker or malware to infiltrate a smaller online business since they have fewer resources and finances to protect their data, for themselves and their clients. This definitely also applies to DDoS attacks which simply involves bombarding a website with a flood of requests such as simple page loads for example that the dedicated server just cannot handle and at best slows down the server to a crawl and at worst, stops the server from responding and loading web sites at all.
Hackers have been attacking many smaller ecommerce sites (mostly from Eastern Europe) for years even though it means less prestige for these hackers by attacking a lesser known small online business. They can still steal vital information, stop a site from loading (and asking for money to stop), or simply causing a nightmare via malware and viruses. According to Verizon Business, over 80% of incidents Hackerare Password reported via their study were hacks and nearly 70% were via malware and has increased exponentially over the years. As mentioned earlier, the defenses against cyber attacks to a small online business is weaker because of limited resources, finances and technical knowledge to stop it.
So if hackers are sometimes attacking smaller businesses there would be less money to steal in these cases. This is what brings us back to several hackers working on a same objective. More attacks on smaller businesses can mean a less risky "heist" while hauling sensitive data from several unsuspecting sites and in some cases equaling the same total amount as one attack on a large well defended business. Would officials be more inclined to go after several smaller attacks or go after the one large attack? This is where it is even more vital to make sure a small online business has the firewalls, DDoS hardware and server security software in place and up to date as it is most likely the authorities just do not have the resources to go after every single small cyber attack reported. On top of that, it will hurt a small online businesses reputation regarding security for their clients.
Many online businesses interact and deal with other companies in their day to day operations and it should be common practice to make sure all companies involved are also adhering to stringent security practices and implementing strong security measures. If there is one weak link in the chain all parties involved can suffer, either publicly via their reputation with their clients and the online community (forums, chat rooms, news sites etc.) or with officials since the affecting businesses were associated with that hacked company in some way.
One of the best things to do in such a scenario is find out what measures need to be taken to minimize the damage to your online business and inform your customers what actions they need to take (if any) to ensure the safety of their financial information or personal identifiable data.
