Cyber attacks where criminals threaten to overload a target’s network with Distributed Denial of Service (DDoS) attacks unless they’re paid off have more than doubled over the last year.
Analysis of cyber threats and criminal activity by security researchers at Neustar found that the number of ransom-related DDoS attacks (RDDoS) grew by 154 percent between 2019 and 2020. Financial services, telecommunications and government agencies are some of the sectors most targeted by the attackers.
One of the reasons ransom-related DDoS attacks are increasing in popularity is because they’re relatively simple to carry out, even for low-level cyber criminals.
Rather than having to rely on ransomware or other malware to hold a network hostage, DDoS attackers merely threaten their victims with the prospect of DDoS if the payment – usually demanded in bitcoin – isn’t received within a deadline. Criminals will often present a taster of what could come with a short-lived DDoS attack in an effort to coerce the victim into paying.
SEE: Network security policy (TechRepublic Premium)
All the RDDoS attacker needs is a botnet to overload the target systems with traffic – something which can be hired on underground forums for a relatively low cost – and the ability to threaten organisations with the prospect of an attack over email.
Some criminals behind DDoS ransom attacks will pretend to be notorious hacking groups such as Fancy Bear or other nation-state linked operations in their ransom notes in an effort to scare the victim into paying up – and many organisations are through fear of being taken offline even though there are many ways to mitigate such attacks.
However, despite the threats of being knocked offline, organisations are urged to not give into the demands of cyber criminals, so as to not encourage a further rise in ransom DDoS attacks.
“Organisations should avoid paying these ransoms. Instead, any attack should be reported to the nearest law enforcement field office, as the information may help identify the attackers and ultimately hold them accountable,” said Michael Kaczmarek, Vice President of Security Product Management at Neustar.
“Beyond this, organisations can prepare by setting up a robust DDoS mitigation strategy, including assessing the risks, evaluating available solutions, considering mitigation strategies and keeping their plan and provider up to date.”
MORE ON CYBERSECURITY