Ransom-based threats are evolving once again, with operators now throwing distributed denial of service (DDoS) into the mix.
As reported by the Neustar International Security Council (NISC), more than two-fifths (44 percent) of organizations have been targeted by a ransom-related DDoS attack in the last twelve months. During the same period, fewer organizations suffered a “traditional” ransomware attack.
A ransom-related DDoS attack, or RDDoS, is relatively simple: a criminal group launches a DDoS attack against a website or app and demands payment in exchange for calling it off.
In some cases, criminals combine old and new techniques, stealing and encrypting all of the data on a target network and then launching a DDoS attack against its front-facing elements. To top it all off, they sometimes even confront victims over the phone in an attempt to intimidate them into paying the ransom.
Of all the firms hit by RDDoS in the last year, almost three-quarters (70 percent) said they were hit multiple times and roughly a third (36 percent) paid the ransom. According to Neustar, most cybersecurity professionals aren’t fully confident in their ability to prevent an RDDoS attack.
“Rather than spending a lot of time and careful planning on infecting an organization’s network with malware or ransomware, cybercriminals are taking an easier approach and using DDoS as a ransom vector,” said Rodney Joffe, NISC Chairman. “For bad actors, launching a DDoS attack is relatively simple and also has the added benefit of being harder to trace back to its origin.”