How Small Business Can Fight Internet Hackers

First, company e-mails started to take forever to arrive. Then Jose Cruz, network specialist for apparel maker Nanette Lepore, kept getting kicked off the company's central server. A few hours later sales machines at the company's nine boutiques were routinely getting bumped off-line when they tried to connect to the central server. Cruz became increasingly alarmed. Hackers were attacking the business with a so-called denial of service attack, using an army of computers to bombard a server with bogus requests for information, and making it impossible for legitimate ones to get through. "This was a malicious attack to shut down the company," Cruz says. Engineers from his Internet service provider eventually traced the raid to hackers in Asia.

But when the onslaught occurred, in November 2008, at least the 100-person, $150 million business was prepared. It had a battle plan. It had redundant servers, with multiple links between stores, the company's central database, and the Internet. Its Web hosting was offsite, its security software up to date. Cruz's first call was to the Internet service provider that handles Nanette Lepore's boutiques' Web access, which switched off the link that was being bombarded and established a secondary link for the stores to use. Things did not return to normal until three days later, when the ISP was able to effectively block the rogue signals.