IT disaster recovery, cloud computing and information security news

RDDoS attacks on organizations becoming as important as ransomware says report

44 percent of organizations have been the target or victim of a ransom-related distributed denial of service (RDDoS) attack in the last 12 months, according to new research from the Neustar International Security Council (NISC). During the same period, 41 percent reported being on the receiving end of a ransomware attack.

Of the organizations hit by RDDoS in the last year, 70 percent said they had been targeted multiple times, with 36 percent opting to pay the ransom. In comparison, more than half (57 percent) of ransomware victims reported being targeted more than once, with more than a third (36 percent) choosing to pay out.

While RDDoS threats are not new for many online industries, attackers have increasingly turned their attention to a wider variety of sectors including financial services, government, and telecoms. The perpetrators of these attacks are also increasingly aligned with powerful nation state hacking groups – or claiming to be. In late 2020, a major Fortune Global 500 company was targeted by hackers claiming to be North Korean state-backed Lazarus Group, and in a larger wave of DDoS extortion campaigns this June, attackers claimed to be from either Lazarus Group or Russian state-backed Fancy Bear. In each case, the businesses received extortion emails demanding Bitcoin payment.

“Rather than spending a lot of time and careful planning on infecting an organization’s network with malware or ransomware, cyber criminals are taking an easier approach and using DDoS as a ransom vector,” said Rodney Joffe, Chairman of NISC, SVP and Fellow, Neustar. “For bad actors, launching a DDoS attack is relatively simple and also has the added benefit of being harder to trace back to its origin.”

Despite having now been around for a while, just a quarter (24 percent) of cyber security professionals reported feeling ‘very confident’ in their organization’s knowledge of how to respond to an RDDoS attack.

According to Joffe, paying a ransom should be avoided at all costs: “It’s common for organizations to feel pressure to pay to get their website back up and running and avoid disruption. However, with attackers targeting the same company multiple times, paying the ransom only makes it more likely that you will fall victim again. Instead, businesses must take an ‘always on’ approach to DDoS security, ensuring that their site remains protected even in the event of an attack.”

www.nisc.neustar



Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.