This week ushered in several news articles about recent DDoS extortion attacks that turned out to be scams conducted by hackers who pretended to be part of the Armada Collective (which is possibly the same cybercrime group known as DD4BC, notorious for its DDoS attacks). Members of this group threatened to launch DDoS attacks on hundreds of businesses unless those businesses paid out a ransom.
Some of those businesses did pay a ransom; the group's bitcoin wallet address shows incoming payments of over $100,000, according to news reports. However, there is no evidence that the Armada Collective did or could launch DDoS attacks on any of the businesses they threatened; the threat was a hoax, a complete scam.
Lessons Learned About DDoS Cyber Extortion
There are two lessons to be learned from this:
1) Never Pay Cybercriminals
Never, ever, pay any ransom to cybercriminals. One reason is that the threat could be empty, as we can see from this latest news. The second reason is that it encourages bad behavior; other cybercriminals will attempt to extort other businesses. The third reason is that if the hackers really do have the ability to cripple your network, they could just up the ante and demand more ransom. Or, worse, they might attack your network anyway, even if you pay the ransom.
Note: By pricing ransom demands below the cost of re-routing DDoS attack traffic through a cloud-based scrubbing center, extortionists hope to tempt victims into treating payment as the economically viable way to squelch damaging attacks.
2) DDoS Attacks are Common
Although hoaxes do happen, there is no doubt that DDoS attacks are common, and are a favorite tactic for extortionists. According to Dark Reading, Neustar reported that “73% of global brands reported a DDoS attack in 2015, and over eight in 10 corporations were struck by multiple DDoS attacks.” Organizations should not take the risk of being vulnerable to DDoS attacks. An ounce of prevention is worth a pound of cure.
People often believe that only large organizations are susceptible, but in reality no organization is immune to DDoS attacks. With the prevalence of DDoS attacks, it makes sense for companies and organizations to defend themselves rather than wait like sitting ducks.
Not All DDoS Solutions Are Effective
Unfortunately, not all forms of DDoS protection solutions are created equal. For example, traditional scrubbing solutions often overlook the short-duration, low-threshold DDoS attacks that have become increasingly common. Such attacks may not crash a network or website, but they can cause other damage:
- They can force the target company to spend a lot of time and money to scrub the traffic with a traditional cloud-based scrubbing solution; or
- They can create a smokescreen that distracts the IT staff while the hackers infiltrate the network to steal sensitive data or install malware.
The best defense against DDoS attacks is an in-line, automated DDoS mitigation solution that catches not some but all DDoS attempts—even the low-threshold, short-duration attacks—and stops them in their tracks.
See how Corero can help protect your organization from DDoS attacks. Contact us today!