(SPONSORED ARTICLE)

DDoS attacks grow in persistence and sophistication year over year. DDoS attacks targeting extortion are the new high. We have seen new tactics where cybercriminals launch DDoS attacks to demonstrate their potential and demand money in exchange for calling off the attack.

While DDoS extortion, commonly known as ransom DDoS or RDDoS attacks, is not a recent expansion, the mainstreaming of cryptocurrency, Bitcoin, and Ethereum contributed to the recent spike in ransom DDoS attacks. A recent study by WTW and Clyde & Co reveals that global company directors are increasingly worried about cyber extortion.

This demonstrates that the threat of DDoS extortion should not be downplayed; you should be ready for them with the best DDoS mitigation solutions.

DDoS is Supercharging Cyber Extortion

Having started as a primary tool for electronic vandalism, script kiddies' ego boost, or hacktivist protest, DDoS attack has matured and evolved into cyber extortion. It combines with cyber extortion in many ways:

DDoS Extortion on The Rise

The number of DDoS extortion attacks exploded in the recent past.

“If the victim does not respond quickly or does not pay the ransom, the threat actors will launch a DDoS attack on the victim company's public-facing website,” according to the FBI’s flash warning, which calls attention to the intensity and scope of the DDoS extortion campaign.

Ransomware gangs including BlackCat, REvil, Suncrypt, and AvosLocker were observed using DDoS cyber extortion campaigns. Because of their success, other ransomware groups adopted that method. The three unparalleled DDoS extortion campaigns (REvil copycat, Fancy Lazarus, LBA) launched simultaneously in 2021 witnessing a continued trend of DDoS Extortion Behaviors.

In May 2022, a cybersecurity company warned about REvil copycat DDoS extortion attack campaigns against a hospitality company. This time the attackers demanded a payment in Bitcoin to cease the attack. The emerging incidents showcase the attackers never halt their war against businesses.

Preparation is the REAL Way Out

When it comes to preventing the threat of DDoS extortion, no idiom rings truer than “being prepared” with DDoS Mitigation solutions.

Move Away from Static Rate Control

The key to mitigating DDoS attacks is

For example:

Trigger an alerting system to study what caused the deviation and where the traffic is coming from (bad IP, TorIP) and take action (block session, IP or throw captcha for the session or IP). By giving control of setting a DDoS rule based on attributes and deviations, you are building a system that adapts to the changes in business and acts only on significant deviations.

Bring in the DDoS Mitigation Experts

DDoS attacks are touching new heights in intensity and duration -- your DDoS mitigation strategy will definitely need an expert's support. Options in mitigation range from cloud service providers or add-on services to DDoS protection specialists like Indusface.

With a fully managed risk-based platform dedicated to DDoS mitigation back with a 24x7 experts’ support, they can act on alerts from those deviations and report what was done and iteratively continue monitoring it to see if it is effective and make further tweaks if needed.

What's Next?

You are no longer vulnerable to the DDoS extortion threat when you're prepared to mitigate a DDoS attack. Don't wait until you have a DDoS threat to start your protection. Expect attacks and take proper precautions to mitigate possible harm.

If you find any ransom note in your inbox -- Don't panic, Don't Pay -- Make it easier to catch the Extortionist. Call the appropriate law enforcement and report it!

Vinugayathri Chinnasamy is a senior content writer in Indusface. She has been an avid reader & writer in the tech domain since 2015. A strategist and analyst of upcoming tech trends and their impact on the Cybersecurity, IoT, and AI landscape. She is an upcoming content marketer simplifying technical anomalies for aspiring entrepreneurs.