There are many different types of cyberattacks out there that can disrupt your business operations. There is ransomware, cloud account takeover, business email compromise, distributed denial-of-service attacks (DDoS), and many others.
One of the most far-reaching is a DDoS attack because it involves taking a web-accessed site or system completely offline for those trying to reach it.
During the first half of 2020, DDoS attack volume increased 151% and over ninety percent of attacks lasted at least 4 hours. That’s over half a business day without a vital system that your company may need to operate, such as your VoIP service, company website, or a cloud productivity tool.
One recent example that happened near the end of this year impacted the VoIP customers of Quebec-based VoIP.ms. While this service may be based in Canada, it serves more than 80,000 customers in 125 countries.
Beginning, mid-September, the service provider began experiencing a DDoS attack that put a strain on all its services. These are services that multiple companies rely on to power their business phone systems and other communications.
The group behind the attack, believed to be the REvil cybercriminal group, demanded more than $4.2 million to stop the attack that was causing a severe interruption in the VoIP provider’s cloud services. Six days after the attack began, the company sent out a message on Twitter that it was still working on battling the attack and restoring services.
What Is a DDoS Attack?
A distributed denial of service (DDoS) attack happens when hackers flood a network with so much malicious traffic that it can’t operate properly. It’s as if 1,000 times the traffic that a site normally receives came all at once and continued coming each minute.
Automated bots are often used to launch DDoS attacks. Hackers that have infiltrated computers and put in backdoors can also utilize these computers in these types of attacks.
Basically, so much traffic is hitting a web service that it can’t keep up. It can quickly run out of the allotted bandwidth and memory and be unable to respond to all the requests.
As a result, the site or cloud service becomes unavailable for the legitimate users that try to access it.
How Can a DDoS Attack Impact My Company?
There are two main ways that a DDoS attack can impact a company:
- A cloud service you rely on can suddenly become unavailable for days, as was the case for the customers of VoIP.ms
- Your own website can be taken down by a DDoS attack
DDoS attacks can happen to any web-based service or website. This includes your company website. If hit with a DDoS attack, you would first notice it from the inability of anyone to reach your site. If you looked at your website logs, you’d find that your site’s bandwidth and memory had been maxed out.
Your company can be impacted by DDoS attacks in several ways.
Unable to Reach Important Cloud Services
If one of your service providers experiences a DDoS attack, then you may be unable to use that service for hours or days. This can include any SaaS tool you may use, such as an accounting application, video conferencing platform, or CRM application.
It’s important to address this possibility in your business continuity plan, so you still have a backup of your cloud data available if unable to reach a cloud service.
Your Company Can Lose Business
If you are unable to serve customers properly either because your website is attacked or that of a vital service provider (e.g., VoIP), you can end up losing business. All a caller may know is that they can’t reach you, even if it’s not your fault, it still makes your business look bad and can cost you.
You May Find Infected Devices Being Used for Attacks
Another way a company can be impacted is through the use of its devices in DDoS attacks without users realizing it. Devices that are infected with the right type of malware can be used like automated bots and commanded by a hacker to join in on a DDoS attack. Hackers can do this with many types of devices, including computers, mobile devices, and IoT devices.
What Can Be Done to Mitigate DDoS Attacks on Your Website?
There are a few things that can be done to address a DDoS attack. These include:
- Identifying the attack early through monitoring software
- Overprovisioning bandwidth, which can give you a few more minutes to react before your site goes down
- Put strong perimeter security in place on your web server
- Call your ISP and IT professional as soon as you notice you are under attack
Is Your Company Cloud Environment Properly Secured?
B-Comp Services can help your Denver area businesses with a business continuity plan that addresses the potential for DDoS attacks on your cloud tools and website.
Contact us today for a consultation. Call at 303-282-4934 or contact us online.
