Florists hit by targeted DDoS attacks in run-up to Valentine’s Day

David bisson
David Bisson


Dozens of online florists saw themselves struck by targeted distributed denial-of-service (DDoS) attacks leading up to Valentine’s Day this year.

DDoS-mitigation firm Incapsula writes in a blog post how 34 of their online florist customers witnessed an increase in bot traffic between February 6 and February 12. Of those affected sites, some 91 percent showed elevated attack traffic during that period, with 23% reporting a sharp increase.

“There does not appear to be a trend in attacks against all online florists, but rather targeted attacks. In fact, one of our customers reported receiving a ransom note.”

Sign up to our free newsletter.
Security news, advice, and tips.

Traffic report

One of Incapsula’s customers saw more than 20,000 blocked traffic requests/second on the morning of February 4. In another instance, an online florist’s website crashed after its content delivery network (CDN) interpreted the attack traffic as legitimate user sessions and routed the traffic through the origin servers, thereby overloading the site’s cache capacity.

Being knocked offline could, no doubt, have led to a huge loss in revenue on what florists worldwide consider the busiest day of the year.

“Attackers know when and how to hit where it hurts the most; targeting florist websites during one of their busiest Holidays is not a coincidence,” Stephanie Weagle, vice president of Corero Network Security, told SC Magazine. “Knocking a revenue generating web site or application offline with a DDoS attack is not a difficult task, and we see real-world examples of these instances regularly.”

It is interesting to note that these attacks, some of which originated from the United Kingdom, France, and Latvia, leveraged old vulnerabilities such as Shellshock.

Clearly, criminals have no qualms about resorting to DDoS attacks as a method to deprive businesses of revenue or to extort money for themselves.

But there are ways businesses can protect themselves. First and foremost, they should never pay a ransom fee.

“If a company is being held to ransom by a criminal DDoS gang it should inform law enforcement immediately and issue a statement to its customers where industry practice allows,” Lee Munson told SC Magazine. “Under no circumstances should any business cave in and pay up as that only marks the business as a future target for the same or other criminal gangs.”

Businesses can also monitor their traffic and keep an eye out on social media for signs of an impending attack. In the meantime, they would be wise to invest in some DDoS mitigation technologies and to formulate a plan they can follow in the event that an attack does occur.

David Bisson is an infosec news junkie and security journalist. He works as Contributing Editor for Graham Cluley Security News and Associate Editor for Tripwire's "The State of Security" blog.

One comment on “Florists hit by targeted DDoS attacks in run-up to Valentine’s Day”

  1. coyote

    It's a good thing that I'd not find being sent flowers such a hot idea because I'd have been quite angry if my birthday had been ruined by DDoS attacks… Not that I'd expect people to send me flowers by ordering them on the Internet but it could have happened if I did indeed love the idea of being sent flowers for my birthday. I suppose it's helpful that I'm male but to point that out first would make it much less amusing to me and since the 14th is my birthday and I love laughing I'll opt for the most humorous way (not that I don't appreciate humour on other days).

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.