The Rise of Ransom-Driven DDoS Attacks

In recent weeks, cyber attackers have become even more interested in extorting money from organizations by threatening to organize a distributed denial of service (DDoS) attack on critically important online systems.

These include a hacker group calling itself ANX-Rans that tried to extort a French company, as well as a group called CyberTeam that tried to extract a ransom payment of 5 Bitcoin ($20,000) from, the website of a prominent Swiss security researcher. These incidents come as no surprise as ransom-related Denial of Service attacks (RDoS) have been on the rise since mid-June after a South Korean hosting provider paid a ransom of nearly $1 million after web ransomware encrypted its customer servers.

Unfortunately when even one, high-profile victim decides to engage with attackers by paying a ransom, we tend to see an increase in these types of attacks. RDoS attacks have grown in volume as cyber criminals are constantly on the lookout for more efficient methods to attack systems and obtain profits. When faced with the costs of their businesses going offline if a successful DDoS attack is launched against them, some organisations may believe that paying a ransom demand represents good value for money. But this is playing with fire, and offers no guarantee that an attack will not be launched. Thus, it’s important to highlight the danger these attacks pose to businesses and learn how to build a successful defence against them.

Ransom-Driven DDoS Attacks

In a RDoS attack, cyber criminals send a message threatening to carry out a DDos attack, or infect organization’s operational systems with ransomware, unless a ransom is paid by a certain deadline. Many hackers are motivated by the potential for financial gain and the ease at which such attacks can be performed. Indeed, extortion is one of the oldest tricks in the criminal’s book, and one of the easiest ways for today’s hackers to turn a profit. These attacks have become so common that according to a 2016 study, we found that 80 percent of European IT security professionals expect their business to be threatened with a DDoS ransom attack during the next 12 months.

When service availability is threatened, the victim company is facing costly implications including revenue and reputation loss. Thus, it is not surprising that almost half of IT security professionals (43%) that took part in our study thought that it was possible that their organization might pay such a ransom demand in the hope of circumventing an attack.

How to Deal with DDoS Ransom Threats

Unfortunately, most cyber security solutions focus on recovery from criminal extortion attacks, rather than preventing one. But, DDoS mitigation solutions have evolved, and become more affordable, for companies of all sizes. This means that companies now have choices in their type of DDoS protection, and they must find a solution that is cost-effective for them. Enterprises should take a more proactive stance when it comes to preventing ransom-related attacks, and one way they can do that is by installing DDoS protection hardware that detects and blocks even the smallest of DDoS attacks, 24×7. Only then can IT security teams have comprehensive visibility into network incursions.

To find out more, contact us.