DDoS attacks: Big rise in threats to overload business networks

Cyber attackers are threatening to take organisations offline with DDoS attacks if they aren't paid bitcoin by a deadline - but victims are being urged not to give into demands.
Written by Danny Palmer, Senior Writer

Distributed Denial of Service (DDoS) attacks have more than doubled in the past year, along with a significant jump in attempts by attackers to threaten such attacks unless a ransom is paid.

Analysis of cyber threats and criminal activity by security researchers at Neustar found that the number of DDoS attacks (DDoS) grew by 154% between 2019 and 2020. Financial services, telecommunications and government agencies are some of the sectors most targeted by attackers.

One of the reasons DDoS attacks are increasing in popularity is because they're relatively simple to carry out, even for low-level cyber criminals.

SEE: Network security policy (TechRepublic Premium)

Rather than having to rely on ransomware or other malware to hold a network hostage, DDoS attackers merely threaten their victims with the prospect of DDoS if the payment – usually demanded in bitcoin – isn't received by a deadline. Criminals will often present a taster of what could come with a short-lived DDoS attack in an effort to coerce the victim into paying.

All the DDoS attacker needs is a botnet to overload the target systems with traffic – something that can be hired on underground forums for a relatively low cost – and the ability to threaten organisations with the prospect of an attack over email.

Some criminals behind DDoS ransom attacks will pretend to be notorious hacking groups, such as Fancy Bear or other nation-state-linked operations, in their ransom notes in an effort to scare the victim into paying up – and many organisations are, through fear of being taken offline even though there are many ways to mitigate such attacks.

However, despite the threats of being knocked offline, organisations are urged to not give into the demands of cyber criminals, so as to not encourage a further rise in ransom-led DDoS attacks.

SEE: How do we stop cyber weapons from getting out of control?

"Organisations should avoid paying these ransoms. Instead, any attack should be reported to the nearest law enforcement field office, as the information may help identify the attackers and ultimately hold them accountable," said Michael Kaczmarek, vice president of security product management at Neustar.

"Beyond this, organisations can prepare by setting up a robust DDoS mitigation strategy, including assessing the risks, evaluating available solutions, considering mitigation strategies, and keeping their plan and provider up to date."


Editorial standards