DDoS attacks that come combined with extortion demands are on the rise

There's been a significant increase in cyber criminals demanding ransom payments to stop their disruption of online services with DDoS attacks.
Written by Danny Palmer, Senior Writer

There's been a significant rise in distributed denial-of-service (DDoS) attacks accompanied by threats of extortion, with criminals demanding ransom payments in exchange for calling off an attack.

DDoS attacks pose problems for organisations when attackers flood servers and online infrastructure with requests for access, slowing down services or taking them fully offline, thus preventing legitimate users from accessing services at all – and cutting off business for the affected organisation.

While they're not an especially advanced form of cyberattack, DDoS attacks still prove to be effective and cybersecurity researchers at Cloudflare have warned that some of the cyber criminals behind DDoS campaigns are becoming more prolific and more aggressive.

SEE: A winning strategy for cybersecurity (ZDNet special report) 

This includes a large rise in the number of ransom DDoS attacks – when cyber criminals demand a ransom to stop a DDoS attack or to not conduct one in the first place. According to a survey by Cloudflare, ransom DDoS attacks increased by almost a third between 2020 and 2021 and jumped by 175% in the final quarter of 2021 compared to the previous three months. 

This included large-scale ransom DDoS attacks on voice over IP (VoIP) service providers

According to Cloudflare, just over one in five DDoS attacks was accompanied by a ransom note from the attacker during 2021. In December, a prime time for online retailers in the run up to Christmas, one in three of the organisations surveyed said they received a ransom letter relating to a DDoS attack.

Targets on the receiving end of DDoS attacks can commonly include online retailers, online local governments, cloud-based business applications, streaming services and online games.

"Over the years, it has become increasingly easier for attackers to launch DDoS attacks," researchers warned in the blog post.

There are number of steps organisations can take to avoid disruption as a result of DDoS attacks. These steps include using cloud-based hosting providers, deploying IP stresser services to test bandwidth capabilities, and employing a DDoS mitigation service.


Editorial standards