The e-commerce industry is a prime target for DDoS attacks, especially during the Q4 online holiday shopping season. Industry analysts continue to keep a watchful eye on the impact of downtime brought about by DDoS attacks and other cyber-crimes against e-Commerce companies.
Gartner, for instance, predicts a 10% growth in the financial impact that cybercrime will have on online businesses through 2016 as DDoS attackers take advantage of new software vulnerabilities that are introduced via new cloud services and employee-owned devices used in the workplace.
Timely, Prolexic, the world’s largest and most trusted Distributed Denial of Service (DDoS) mitigation provider just announced the results of a survey of global e-commerce companies that were asked about DDoS protection and the effectiveness of different types of DDoS mitigation services.A cross-section of retail companies with e-commerce websites participated in the survey, spanning many business sectors, including consumer electronics, healthcare, online payment processing, fashion and apparel, toys and gifts, heating and plumbing, and software-as-a-service. The respondents, a statistically significant subset of Prolexic customers, included online retailers from the United States, Europe and Asia.
“There was a nearly unanimous belief among respondents that their company websites are at mid-to-high risk of being targeted by DDoS attacks over the next 12 months,” said Stuart Scholly, president at Prolexic. “Moreover, the majority of respondents indicated DDoS mitigation services from ISPs and content delivery networks were ineffective in providing the preferred level of protection e-Commerce companies require and expect.”
Moreover, the survey results reveal a clear preference for DDoS mitigation services that are fast, easy to manage, and can ensure business continuity during an attack. The majority of respondents indicated that DDoS mitigation services from Internet service providers (ISPs) and content delivery networks (CDNs) were ineffective at providing the preferred level of protection their e-commerce companies require and expect.
Survey responses show that online retailers:
- Find content delivery networks (CDNs) and Internet service providers (ISPs) to be the least effective of DDoS protection services, and especially ineffective against direct-to-origin DDoS attacks and application-layer attacks.
- ISPs were ranked least effective for mitigating DDoS attacks by 42% of respondents, while 8% ranked ISPs as most effective.
- CDNs were ranked least effective for mitigating DDoS attacks by 58% of respondents. No respondents ranked CDNs as most effective.
- On-site DDoS mitigation appliances were ranked least effective by 33% of respondents. No respondents ranked appliances as most effective.
- Prefer a mature, pure-play DDoS mitigation service provider with proven competence and capabilities that can scale to stop the largest DDoS attacks on the Internet, with low false positives, and the fastest mitigation backed by a service level agreement (SLA). They also want a mitigation provider with a proven track record of ensuring the client’s site availability and business continuity during a DDoS attack.
- Seek a total DDoS protection solution that only a specialist in DDoS mitigation services can provide. E-commerce companies want network protection for all IPs with a single DDoS mitigation solution, not add-on services from multiple ISPs or CDNs. They want a total-protection provider that sits in front of all IPs and carriers and provides routed protection against all avenues of attacks.
The results of the Prolexic e-commerce customer survey indicate that these trends are resonating with online retailers, who are taking proactive steps toward preparing for the inevitable denial of service attack.
The responses of survey participants clearly point to a need for fast, reliable, and professional DDoS mitigation services from a dedicated pure-play mitigation provider to ensure that site downtime is minimized and the network is protected against all types and sizes of denial of service attacks. Respondents from Prolexic’s global client base of e-commerce companies clearly believe that mitigation appliances, ISPs and CDNs cannot fully protect them from DDoS attacks.
For more details, download the complimentary copy of Prolexic’s report from prolexic.com/ecommerce-report.