If we talk about today’s security landscape without mentioning the effects of the pandemic, we will paint an incomplete picture. In the first quarter of 2020, the DDoS attacks rose by more than 278% compared to Q1 2019 and more than 542% compared to the last quarter, as mentioned in a report by NexusGuard.
Eventually, the number of DDoS attacks reduced due to various factors including better cybersecurity measures. But the year 2020 changed this, with remote working taking precedence over traditional work environments and traditional shopping methods, many industry experts believe that DDoS attacks are once again back in action.
What is a Ransom DDOS attack?
Before getting into Ransom DDOS attacks, first, we need to understand what a DDOS attack is. DDOS stands for distributed denial-of-service attack in which an attacker or a group of attackers attempts to create a lot of traffic or congestion to a target website or service such that it impedes the traffic flow for other users. As a result of a DDOS attack, the target application can get crashed or the users may experience slow speed, downtime or any other odd behaviour.
Ransom DDOS attack happens when hackers attempt to threaten an individual or an organisation with a DDOS attack to extort ransom from the target.
In most cases, the attackers carry out a successful DDOS attack on a target and then leave a note demanding a ransom to stop the attack. The payment to be made is usually in the form of bitcoin. Furthermore, to escalate things and create urgency the attacker may also include a deadline in the ransom note claiming to elevate the attack on exceeding the deadline.
DDoS attacks can sometimes be deployed as a distraction from even more reprehensible activities to divert the attention of security teams while the intruders infiltrate the organization in another way. Organizations may face various types of DDoS attacks – Volumetric Attack, Application Layer Attack and Protocol Attack. So how does one prevent such attacks?
- Develop a DDoS Prevention Plan
- Create DDoS Playbook
- Take Right Network Perimeter Measures
- Take Advantage of Cloud Computing
- Consider DDoS-as-a-Service
What to do immediately when such a threat is received?
First of all, companies should take into consideration that if an attacker claims to have carried out a DDOS attack, this may or may not be true. In some cases, the hackers may also claim to be associated with a well-known hacker’s group just to make sure that they are taken seriously by their victims.
A threat contained in a DDoS ransom note can take several forms:
- The malicious party could claim responsibility for a previous DDoS attack and threaten to launch another.
- They could claim responsibility for a current DDoS attack on the target.
- They could threaten a future DDoS attack, either at a certain moment or at an unspecified point in the future.
While the threat landscape continues to develop, so do security technologies, with organizations looking forward to hybrid work format and people increasingly being dependent on online transactions, threat actors will try to take advantage of this situation. However, with the right measures, anyone can defeat such threats and keep their organizations safe.
The author is Vice President – International Sales at Array Networks.