By Ezer Goshen, VP of Business Development and Strategic Partnerships, Radware.
Over the years, extortion has shifted from the physical world to the cyber realm, where computer networks and data are now held hostage for profit.
From ransomware to Ransom Denial of Service (RDoS), threat actors aim to extort money – usually in the form of cryptocurrency – from victims by threatening to degrade networks or encrypt systems and block access to systems until payment is rendered.
Ransomware is widely recognized. Here malicious actors cast of a wide net in the hopes of tricking a large number of unfortunate users to pay small sums. The flip side of this story is the ransom denial of service realm, which targets larger organizations and asks for large payments.
Radware reported that from 2020 to 2021, global RDoS campaign attacks ranged from a few hours up to several weeks, with attack rates of 200 Gbps and higher.
An RDoS attack starts with the attacker sending a private message by email, for example, using a privacy-minded email provider, and requesting payment of a certain ransom amount to prevent the organization from being targeted by a DDoS assault. If an organization decides not to pay within a set deadline, the attacker will start a DDoS attack and continue until the ransom is paid.
To add credibility, within the ransom letter, an attacker will often refer to a demonstration DDoS attack, which is a DDoS assault launched prior to the payment deadline. It’s meant to validate the legitimacy of the threat and can impact services if the victim doesn’t have adequate DDoS defenses in place.
In 2022, attackers are revisiting previous targets that did not pay and expanding to additional sectors.
Preparing for DoS campaigns is key
Ultimately, the best defense for any RDoS threat is ensuring that comprehensive protection is in place before any ransom threat is received. DDoS protection is not a one-size-fits-all proposition, and there are many types of protection options, depending on the characteristics, risk and value of your digital assets.
Organizations with comprehensive DDoS protection in place largely diminish the threat to internal assets and processes as well as the threat to external communication systems.
Be proactive. Understand what comprehensive DDoS protection means for your organization if you don’t already have inclusive protection in place. With strong DDoS protection in place, an RDoS attack has little to no effect on a business’s operations.
Read the ultimate guide: The Evolution of RDoS Campaigns – How to Respond to an RDoS Threat. For a complete understanding of the pros and cons of DDoS methods read: Choosing the Right DDoS Solution.
Under attack? Get protected with emergency onboarding.