Security researchers at Imperva observed an RDoS activity against one of their customer’s entire network. In this attack, threat actors demanded a ransom of 30 bitcoin (approximately $328,000) to stop the attack, with an additional 10 bitcoin (approximately $110,000) demanded for each day the ransom remains unpaid. Attackers further threatened to carry another DDoS attack on the company’s main IP address to prove it wasn’t a hoax.
RDoS attacks on the rise
DDoS attacks don’t always involve a ransom demand. But it looks like attackers are trying to play on the company’s fear of bearing losses incurred even by the slightest of downtime.
Of late, security researchers continue to witness a growing number of Ransom Denial of Service (RDoS) threats targeting major companies around the world. These threats are part of massive extortion campaigns aiming at thousands of large commercial organizations worldwide including the financial services industry.
RDoS campaigns are nothing but Distributed Denial of Service (DDoS) threats by extortionists who target major companies to cripple their digital infrastructure motivated by financial gain. The extortionists demand payment in bitcoin currency to prevent a DDoS attack on their target’s network.
As we have explained before, the DDoS attack continues to remain one of the most sophisticated attacks in the absence of potential prevention policy at large.
Should companies pay?
The question arises: Should companies pay? According to security researchers, paying will neither help nor guarantee an end to the problem.
“Known cyber threat groups that engage in RDoS campaigns usually don’t announce their intention to attack, so if you receive an extortion email prior to an attack there’s a good chance it’s a scam, or that the attackers aren’t who they claim to be and don’t possess major DDoS capabilities,” Imperva said.
“The extortionists might add you to a list of companies who pay out and just keep on threatening you and demanding even more money. They might even attack you even if you’ve paid,” it added.
Researchers believe third-party DDoS protection tools should help companies strengthen their defense methodology. It will help the companies detect and mitigate attacks exploiting application and server vulnerabilities and more.
Check out our detailed article to know more about DDoS attacks and how to prevent them.