What is a DDoS Extortion attack?

The COVID-19 pandemic forced businesses and organizations to switch to working from home. The bad guys seized the opportunity to carry out unprecedented distributed denial of service (DDoS) attacks. These attacks include a DDoS Extortion campaign known as Lazarus Bear Armada, carried out by a group of bad actors starting mid-August 2020.

What is a DDoS Extortion attack?

Also known as Ransom DDoS (RDDoS) attacks, DDoS Extortion occurs when cybercriminals threaten individuals or organizations with a DDoS attack if an extortion demand is not met. These demands require victims to pay in cryptocurrency, which makes the payment harder for law enforcement to trace.

DDoS Extortion attacks are not the same as Ransomware attacks, in which malware encrypts an organization's systems and databases, preventing legitimate owners and users from accessing them until the ransom is paid.

What are the signs of a DDoS Extortion attack?

The threat actors behind DDoS Extortion attacks use a number of methods. Some attacks start with a test DDoS attack, targeting a specific element of an organization's online service / application delivery infrastructure to demonstrate that the threat is real. This attack is immediately accompanied by a ransom note or email threatening a larger attack if the payment is not made.

Other attacks first send a ransom note or email outlining the threat to the business and stating the payment demanded, the form of payment, and a deadline for payment before the attack is carried out. Attackers often claim that they are capable of a DDoS attack of up to 3Tbps if the request is not met.

Attackers do not always launch the threatened attacks, and some may not even have the capacity to do so. Therefore, organizations should not be afraid of bogus threats.

As is true of all DDoS attacks, DDoS Extortion targets an application or service, overwhelming it with attack traffic and causing the service to slow down or shut down completely.

Why are DDoS Extortion attacks dangerous?

Like any DDoS attack, a DDoS Extortion attack blocks legitimate network requests from passing through, which can disrupt operations, cost money, and damage the business's reputation. Paying the blackmail is a no-no, as there's no guarantee that attackers won't come back requesting other payments in the future.

Except in those cases in which a test attack has taken place first, it is difficult to know whether the threat is real. The attackers may claim to be linked to well-known attack groups that have been reported on by the media, to lend more weight to the threat. Because many security experts have heard of massive attacks by groups like 'Armada Collective', using this name is believed to increase the perceived severity of the threat, thus pressuring the target to pay. It's important to note that the threats can still be real.

Usually, cyber attackers conduct reconnaissance before making their threat. This reconnaissance looks for vulnerabilities to exploit, such as inadequately protected public apps and services. Occasionally, attacks target the upstream providers that relay the organization's traffic. By attacking ISPs that provide Internet connectivity, attackers can significantly disrupt the target organizations.

Authorities recommend that organizations not pay the ransom, as there is no guarantee that further requests will not be made. However, strong DDoS mitigation measures should be applied to prevent attackers from executing the threat. If the cybercriminals are unable to launch the attack because of containment measures, the threats are essentially neutralized.

Update 15 March 2021