Hackers are using DDoS attacks to squeeze victims for ransom

Is the threat of a large-scale DDoS attack enough to get organizations to pay?

Now may be a good time for businesses to invest in DDoS protection as cybercriminals have begun using the threat of large-scale DDoS attacks to extort ransoms from organizations.

According to a new blog post from Cloudflare, a major Fortune Global 500 company was targeted in late 2020 by a Ransom DDoS (RDDoS) attack from a group claiming to be the Lazarus Group. This extortion attempt was part of a wider trend of ransom campaigns that unfolded throughout last year, and cybercriminals will likely continue to use similar methods as they have been quite successful.

Unlike a ransomware attack, where cybercriminals break into a company’s network in order to lock its files, an RDDoS attack relies on the threat of taking down a company’s website with an overload of traffic, which can be crippling to its business.

Just as an organization can use cloud backup and other similar services to protect their data from being locked following a ransomware attack, DDoS protection ensures that a company’s site will remain protected if it’s suddenly flooded with an overload of traffic.

Ransom DDoS attacks

The attack covered in Cloudflare’s latest blog post began as many attacks do, with ransom emails sent out to the organization’s employees. These emails contained a ransom note which reads:

“Please perform a Google search of “Lazarus Group” to have a look at some of our previous work. Also, perform a search for “NZX” or “New Zealand Stock Exchange” in the news. You don’t want to be like them, do you?… The current fee is 20 Bitcoin (BTC). It’s a small price to pay for what will happen if your whole network goes down. Is it worth it? You decide!… If you decide not to pay, we will start the attack on the indicated date and uphold it until you do. We will completely destroy your reputation and make sure your services will remain offline until you pay…”

The attackers then began sending a large amount of traffic to one of the company’s global data centers by firing gigabits of data per second towards a single server. This led to a denial of service event and generated a series of failure events.

Next, the cybercriminals launched a “teaser” attack at the end of a work day that was quite difficult to mitigate because the organization was still using an on-demand scrubbing center service. An employee at the company who spoke with Cloudflare then “realized that an always-on service would have been much more effective than on-demand, reactionary control that takes time to implement”.

Mitigating a DDoS attack can be quite difficult when the attack is already in progress, which is why businesses should consider using real-time DDoS protection instead. We’ll likely see an increase in similar attacks this year, so now is the time to take the necessary precautions or risk having your website taken down or, even worse, having to pay an exorbitant ransom not to be targeted by such an attack.

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.
