What is DDoS Extortion attack?
Also known as Ransom DDoS (RDDoS) attacks, DDoS Extortion occurs when cybercriminals threaten individuals or organizations to perform a DDoS attack, if a request for blackmail is not met.
The COVID-19 pandemic forced businesses and organizations to switch to working from home. The bad guys seized the opportunity to carry out unprecedented distributed denial of service (DDoS) attacks. These attacks include a DDoS Extortion (DDoS Extortion) campaign known as Lazarus Bear Armada, which is carried out by a group of bad actors starting mid-August 2020.
What is DDoS Extortion attack?
Also known as Ransom DDoS (RDDoS) attacks, DDoS Extortion occurs when cybercriminals threaten individuals or organizations to perform a DDoS attack, if a request for blackmail is not met. These requests force victims to pay with cryptocurrency to avoid traceability by law enforcement.
DDoS Extortion attacks are not the same as Ransomware attacks, in which malware encrypts an organization's systems and databases, preventing legitimate owners and users from accessing them until the ransom is paid. pay.
What are the signs of a DDoS Extortion attack?
The threat agents behind the DDoS Extortion attacks use a number of methods. Some attacks start with a test DDoS attack, targeting a specific element of an organization's online service / application delivery infrastructure to demonstrate the threat is real. This attack is immediately accompanied by a blackmail or email threatening a larger attack if the payment is not made.
Other attacks first send ransom mail or emails outlining the threat to the business and asking for blackmail, form of payment, and a deadline for payment before the attack can be carried out. Attackers often claim that they are capable of a DDoS attack of up to 3Tbps if the request is not met.
Attackers may not always launch threatening attacks and some may not even have the capacity to do so. therefore, organizations should not be afraid of bogus threats.
As is true of all DDoS attacks, DDoS Extortion targets an application or service, overwhelming it with the attacking traffic causing the service to ultimately slow down or shut down completely.
Why are DDoS Extortion attacks dangerous?
Like any DDoS attack, a DDoS Extortion attack blocks legitimate network requests from passing through, which can disrupt operations, cost money, and damage the business's reputation. Accepting blackmail payments is a no-no, as there's no guarantee that attackers won't come back to requesting other payments in the future.
Except in those cases in which a test attack has taken place first, it is difficult to know if the threat is actually real or not. The attackers can claim to have linked up with well-known attack groups that have been reported by the media to add more force to the attack. Because many security experts have heard of massive attacks by groups like 'Armada Collective', this name is believed to increase the severity of the threat, thus forcing the target. have to pay. It's important to note that the threats can still be real.
Usually, cyber attackers conduct reconnaissance before posing their threat. This kind of exploration looks for vulnerabilities to exploit, such as inadequately protected public apps and services. Occasionally, attacks target providers that relay the upstream traffic. By attacking ISPs that provide Internet connectivity, attackers can significantly disrupt the target organizations.
The authorities recommend that the institutions should not pay the ransom, as there is no guarantee that further requests will not be made. However, strong DDoS mitigation measures should be applied to prevent attackers from executing the threat. If the cybercriminals are unable to launch the attack because of containment measures, the threats are essentially neutralized.
You should read it
- DDoS Attack Group Extortion sent requests to extort money to thousands of companies
- What is Volumetric DDoS Attack?
- Warning the emergence of ransomware DDoS attack, the scale can be up to 800Gbps
- 5 Things You Didn't Know About DDoS attacks
- Yandex suffered the largest DDoS attack in history
- How to prevent DDoS attack with Nginx
- What is botnet DDoS?
- Prepare the total force to respond to DDoS attacks in 2014
- Cloudflare provides tools to reduce the effects of free DDoS attacks
- How many DDoS cases are reported in 2019?
- Warning: DDoS attacks are becoming more dangerous both in scale and complexity
- What is DDoS ICMP Flood?
Maybe you are interested
How to fix STOP error 0x0000008E Samsung's unnamed director stated the company's biggest goal is to defeat Apple How to use LastPass to manage passwords professionally How to change the color and size of the mouse pointer on Windows 10 Super lovely wallpaper about the bow: Scorpion, Than Nong, Thien Yet and Thien Hat Use extended mouse buttons to increase efficiency