DDoS Attacks: How to Keep Remote Employees Safe From Denial-of-service Attacks
As business becomes increasingly reliant on technology and the internet, cybercriminals have come up with new ways to attack companies. One of the most common types of cyberattacks is a DDoS attack.
DDoS attacks are designed to disrupt services and cause financial losses for companies by overwhelming their systems with traffic from multiple sources. The biggest challenge for companies is that denial-of-service attacks are often indistinguishable from legitimate traffic, making it difficult to identify them.
These types of attacks are increasing in number and complexity and have become a real threat to businesses of all sizes around the world. In 2021, the Azure DDoS Protection team at Microsoft reported that it repelled what experts in the field believe to be the largest distributed denial-of-service attack to have ever been launched. Moreover, Cisco predicts that by 2023 there will be over 15 million DDoS attacks. That's more than double the 7.9 million attacks seen in 2018.
Remote companies are not immune to these attacks either. After the start of the pandemic, businesses that were forced to go digital experienced an increase in security threats. According to Nexusguard, the result was a 341% increase in attacks from 2020 to 2021.
DDoS attacks not only raise cybersecurity concerns inside corporations; there is also the monetary aspect. The average cost of a DDoS attack is between $20,000 and $40,000 per hour.
Aside from costing thousands of dollars in revenue, such attacks can damage brand reputation. The issue then is not just about protecting your company from cyber attacks, but about assuring your clients that they can trust you with their data.
But not everything is bad news. There are many ways to keep your business protected against these types of cyberattacks. We spoke to the Engineering team at GroWrk to get their best practices on how to prevent DDoS attacks. Here's what you need to know about DDoS attacks, and how you can keep your networks safe.
What is a DDoS (Distributed Denial-of-service) attack?
In simple terms, a distributed denial-of-service attack is when hackers send a flood of fake traffic to break down a server, network, or website.
Our CTO, Bernardo Cassina, explains that during this kind of attack, malicious hackers overload systems by making a lot of requests that also overload the machines, so legitimate users cannot load the platforms. He goes on to say that during these attacks there are millions and millions of signups at the same time, so all of the computers that actually live in a data warehouse are overloaded with so many requests that they can't handle it.
In terms of the most common type of DDoS attack, Daniel Galindo, Lead Engineer at GroWrk, says that the most prevalent is a botnet, in which multiple machines are infected without their users knowing it.
Bernardo adds that apart from volume-based attacks, there are hackers who try to attack specific vulnerabilities found within a certain software. For example, if they find a vulnerability in the Google Cloud Platform, hackers would try to attack it with a bunch of requests. So it’s not just about directing volume requests towards a platform; they direct that volume to exploit a weakness.
Attacks on highly scalable architectures like Google’s are rare but are still plausible. He explains that another thing that can happen is a DDoS attack on a platform that scales infinitely. In this instance maybe the service won’t be denied, but a company will be billed a large sum of money for all the requests and the machines that were turned on during the attack.
What are the reasons behind a DDoS attack?
The motivations behind a DDoS attack can range from revenge and financial gain to political reasons. In some cases, DDoS attacks are used by hackers as a means of extortion, where they will threaten organizations with DDoS attacks unless they pay up. In other instances, DDoS attacks are used as a way to send a message from the hacker community. For example, some hackers will launch DDoS attacks on websites that support controversial legislation or those that have been subject to criticism for doing something deemed unethical by the hacker community. Another aspect is competition: survey data from 2017 indicates that over 40% of companies affected by a DDoS attack blame the incident on their competitors.
Bernardo points out that there are many types of hackers, like black hat hackers, who have malicious intentions. These types of hackers try to exploit vulnerabilities inside systems so they can steal data from users. However, he mentions that DDoS attacks tend to be business related or ideological, like the case of Anonymous denying the service of the Canadian Government website. In that case, perpetrators are not after economic gain; rather, they want to prove a point that oftentimes stems from activism. A more complex motivation is cyberwarfare, he adds, a relatively new term that has made waves in the geopolitical landscape, where governments launch cyber attacks.
How can remote employees prevent DDoS attacks?
Due to the increasing frequency of DDoS attacks, it’s more important than ever for companies to be prepared. The best way to avert an attack is to prevent it before it happens, as well as to have the right security in place.
Remote employees should take special care with security, since they usually work from their own devices or do not have as many cyber security precautions at home as they would in an office. Prevention thus becomes a necessary part of their work. Here are our Engineering team's best tips and practices to guarantee a secure work environment.
For Daniel, implementing the right policies and educating employees on basic cyber security is the best way to prevent attacks. It’s especially relevant for remote employees to have the right security measures in place like not opening links that they don’t recognize. All devices that do not belong to the company should be subject to security policies. Additionally, a business should have security configurations in place to protect their infrastructure such as having a list of allowed IP addresses. All in all, it’s paramount to protect their environment to make it less susceptible to any kind of hack. This is especially true considering that employees’ devices can be infected and misused for a DDoS attack.
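One way to enforce the list of allowed IP addresses mentioned above while still rate limiting an allowlisted device that has been infected, as an added example that is not code from GroWrk or the original article. The networks are constructed documentation ranges, and the function names and limits are assumptions chosen for illustration.

```python
import ipaddress
from collections import defaultdict, deque

# Constructed allowlist using documentation ranges (RFC 5737 / RFC 3849).
ALLOWED_NETWORKS = [ipaddress.ip_network(n) for n in
                    ("203.0.113.0/24", "198.51.100.17/32", "2001:db8:42::/48")]

def normalize(addr):
    """Parse addr; return an ip_address object, or None if malformed."""
    try:
        ip = ipaddress.ip_address(addr.strip())
    except ValueError:
        return None
    # ::ffff:a.b.c.d is the same host as a.b.c.d, so compare the IPv4 form.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return ip

def is_allowed(ip):
    """True if the parsed address falls inside an allowlisted network."""
    return ip is not None and any(
        ip.version == net.version and ip in net for net in ALLOWED_NETWORKS)

class SlidingWindowLimiter:
    """Permit at most `limit` requests per `window` seconds per source."""
    def __init__(self, limit, window):
        self.limit, self.window = limit, window
        self.hits = defaultdict(deque)

    def allow(self, key, now):
        q = self.hits[key]
        while q and now - q[0] >= self.window:  # drop expired timestamps
            q.popleft()
        if len(q) >= self.limit:
            return False
        q.append(now)
        return True

def admit(addr, now, limiter):
    """Return 'deny', 'throttle' or 'allow' for one request."""
    ip = normalize(addr)
    if not is_allowed(ip):
        return "deny"          # unknown or malformed sources fail closed
    # An allowlisted device can still be infected, so it is rate limited too.
    return "allow" if limiter.allow(str(ip), now) else "throttle"
```

Because denied sources never reach the limiter, its memory grows only with the number of allowlisted addresses actually seen.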
There are three aspects that our CTO considers crucial to a company’s cybersecurity: security and compliance policies, employee training, and serverless architecture.
Businesses, on-site and remote, should always have security and compliance policies to prevent all kinds of attacks, Bernardo suggests. For companies with employees all over the world, those policies should include a Bring Your Own Device (BYOD) policy and a Remote Work policy, as well as being compliant with GDPR or SOC-2. If you're compliant with those policies, he emphasizes, you will be pretty sure that your employees have a secure device to access your business’ platform.
Education and training are also important for on-site employees as well as distributed teams. Bernardo recommends having talks with employees at least every three months about basic cybersecurity and staying up to date with security training. Meanwhile, protecting architecture is also essential. Choosing a highly scalable architecture, installing firewalls, or having something like Google Cloud Armor for cloud services are his preferred ways of maintaining security.
There are many services around the web that you can choose from to protect your architecture. Our engineers recommend services that offer serverless functions like Google Cloud Platform, Google App Engine, and Google Cloud Armor.
A DDoS attack is a threat that every company should be aware of and prepared for. While there are many ways to protect your business against these attacks, it’s important to remember that prevention is key. By following these tips on how to prevent DDoS attacks, you can ensure that your business remains safe from this type of cyber-attack in the future.
Keeping up with security policies and ensuring your employees' devices are compliant will take you a long way in terms of cybersecurity. The next time you hear about a DDoS attack, don’t panic—just make sure that your company is prepared for anything.
At GroWrk we take security very seriously. We focus on being SOC-2, GDPR, and CCPA compliant, so we make sure that our clients’ data is safe not only from common cyberattacks like DDoS attacks or cross-site scripting but throughout our company. We do regular checks on all of our policies and all the tools that we use are properly regulated. This helps us to keep information safe and therefore comply with all the rules that we have set in place so that only the owners can access their information.