Over recent years, cyber attackers have become increasingly interested in extorting money from organizations by threatening to launch distributed denial of service (DDoS) attacks at critically important online business systems.
Unfortunately, when even one high-profile victim decides to engage with the cybercriminals, by paying a ransom, we tend to see a further increase in these types of attacks. RDoS attacks have continued to grow in volume as cybercriminals remain on the lookout for more efficient methods to make money. When faced with the costs of their businesses going offline, if a DDoS attack is launched against them, some organizations may believe that paying a ransom demand represents good value for money. But this is playing with fire and offers no guarantee that an attack will not be launched. Thus, it’s important to highlight the danger these attacks pose to businesses and learn how to build a successful defense against them.
Ransom-Driven DDoS Attacks
In a cyber-ransom attack, criminals either send a message threatening to carry out a DDoS attack, or infect organization’s operational systems with ransomware, leaving business data encrypted, unless a ransom is paid by a certain deadline. Many hackers are now motivated by the potential for financial gain and the ease at which such attacks can be performed. Indeed, extortion is one of the oldest tricks in the criminal’s playbook, and one of the easiest ways for today’s hackers to turn a profit.
When service availability is threatened, the victim organization faces costly implications including revenue and reputation loss. Thus, it is not surprising that almost half (43%) of IT security professionals, that took part in our study, thought that it was possible that their organization might pay such a ransom demand, in the hope of circumventing an attack.
How to Deal with DDoS Ransom Threats
Unfortunately, many cybersecurity solutions focus on recovery from criminal extortion attacks, rather than preventing one. However, in the case of DDoS, effective mitigation solutions have evolved, and are now affordable for organizations of all sizes. This means there is now a choice when it comes to the type of DDoS protection which can be deployed, and organizations must find a solution that has the correct balance of risk and cost-effectiveness for them. Overall, Enterprises should take a more proactive stance, when it comes to preventing ransom-related attacks, and one way they can do that is by installing a DDoS protection solution that detects and blocks even the smallest of DDoS attacks, automatically, in real-time, 24×7. Only then can IT security teams have comprehensive visibility into network incursions.