Cyber Insurance Blog

The Key to Preventing DDoS, MiTM, and Other Types of VPN Attacks

The Key to Preventing DDoS, MiTM, and Other Types of VPN Attacks

If you work remotely, you’re probably no stranger to VPN—the virtual private network you use to protect your internet connection and privacy, and which allows you secure access to the company’s server.

A young woman works from home at her desk.

But while VPNs are used for security, you might be surprised to learn that they aren’t always secure. Many industries have had to play security catch-up since COVID hit, and the majority of the workforce had to access and send information outside of the office building’s network. This dramatic increase in VPN usage (more than 124 percent in the U.S.) resulted in expanded opportunities for VPN attacks and the discovery of new vulnerabilities to many different types of VPN attacks. As a result, attacks were up more than 2,000 percent in 2021 and continue to be a concern today.

As many businesses embrace a remote or hybrid (part-remote, part-onsite) workforce, keeping data safe from VPN attacks remains a priority. What top threats face VPN users today—and are we still vulnerable?

Common VPN Cyber Attacks and How to Prevent Them

When it comes to network security and data protection, it’s good to know a few other abbreviations besides VPN, such as ISP, IP, DoS, DDoS, MiTM, MFA, and RDP.

A combination lock rests on a computer keyboard.

When you use a VPN, you mask your device’s IP (internet protocol) address to hide your identity online, circumventing your device’s personal ISP (internet service provider) by sending it to a hosted server elsewhere. This masks your IP address from would-be hackers, but is it enough?

Currently, hackers’ popular favorites are MiTM, DoS, and DDoS attacks on VPNs:

  • MiTM, or VPN man in the middle, attacks are when communication between two different systems are intercepted by someone else. The hacker is able to capture any data you send, including login credentials and financial information.
  • A VPN can protect against MiTM because it routes your location through one or more hosts, obscuring your actual location. However, once the information passes from the VPN server to its final destination, it does become vulnerable, especially if the VPN sends out traffic via a split encrypted tunnel and endpoints are left unprotected.
  • DoS (denial of service) and DDoS (distributed denial of service) cyber attacks disrupt network activity by overwhelming the server with traffic and making it unavailable. DoS attacks are single system-to-system, while DDoS attacks use multiple machines to flood the target system.
  • A VPN can protect against DoS and DDoS attacks because it keeps the hackers from identifying your IP address. However, if attackers constantly monitor a connection and your VPN drops briefly, they can see your actual IP address and target you then. Or, they can attack a VPN company’s servers and try to find weaknesses there.
    A young woman with her white dog on her lap works on her computer at home.

While it’s clear that VPNs keep data and access safe, there are still chinks in their armor. Experts say that “hardening” VPNs with additional authentication will help with VPN security.

  • MFA (multifactor authentication) provides this by asking for extra identification on top of a password. This works because even if a hacker has your username and primary password, chances are they won’t be able to get through the additional layers of questions, tokens, and codes MFA uses.

MFAs are also critical to secure RDP (Windows®Remote Desktop Protocol) ports, which, when open, expose Windows® resources to bad actors. As a result, the most common ransomware in 2021 was through RDP. This has caused insurance companies to take a closer look at cyber policy underwriting and renewals, asking for more details than ever before on the practices and controls businesses have in place for internet and data security. If a company doesn’t use MFA, they may find it’s not only problematic for security, but also for securing coverage.

Make sure your clients understand that VPNs by themselves, while critical, can be made even stronger when incorporating MFA. Additionally, if your clients use RDP ports, make sure they understand the importance of MFA—not just for securing their networks but also when looking for a cyber insurance policy or getting ready for renewal.

 VPN on wooden blocks with an image of a lock on top.

Get Cyber Coverage for Your Clients Through ProWriters

Carriers who offer Cyber Liability Insurance want the businesses they cover to follow best cyber security practices, which include using MFA for RDPs. To find out how you can quote multiple Cyber policies from top carriers to your clients easily and effectively, schedule a call with a ProWriters representative online.

In the meantime, to learn more about cyber security, VPN attacks, and what your business clients can do to protect themselves, download our free eBook, “Ransomware: The Front Lines.”

Subscribe to Our Monthly Newsletter!

    Retail vs. Wholesale Brokerage

    Experts Weigh In

    Get the eBook