sb-eu logo
Story image

Ransom DDoS attacks can be defeated with proactive prevention - Penta Security

11 Nov 2020

The trick to being prepared for distributed denial of service (DDoS) attacks could be as easy as rolling out a web application firewall because it can block attacks where they most commonly occur - at the application layer.

That’s according to Penta Security, which says that cybercriminals are finding new ways to scale up their attacks, and they may even modify existing attack methods they already have in the toolbox.

Ransom DDoS is one of these modified attack methods, which combines a ransom demand with the threat of a DDoS attack. Those who don’t pay the ransom are then subjected to an attack.

Penta Security explains, “[DDoS attacks] use multiple computers at the same time to generate massive amounts of traffic to a specific website or server in order to paralyse it. In the case of corporations, the service is temporarily suspended due to the attack, and not only damage financially but also the image of the brand and company.”

Recent attacks on New Zealand’s NZX stock exchange, and on financial institutions around the world in late August and September, showed exactly how DDoS ransoms worked. What’s more, the attacks occurred when many businesses are dealing with the new normal of remote working, where security systems may not be as strong as they should be.

“In addition, if the hackers’ ransom DDoS attacks continue to fail, there is a possibility that they may be evolving for stronger attacks. Compared to the old DDoS attacks, it is becoming more difficult to deal with due to massive traffic caused at once,” Penta Security states.

The company states that DDoS attacks make up a large part (62%) of ‘electronic financial infringement accidents’ over the last five years - ransom DDoS attacks will not help.

Penta Security says that it’s important to be able to spot normal traffic and abnormal traffic patterns so that organisations can identify and respond to DDoS attacks.

Organisations’ defence solutions can stop this from happening, and it’s where security solutions such as web application firewalls (WAFs) can help.

“Individuals should also check regularly if their computers are infected by malicious codes or exploited by DDoS attacks. Computers sometimes become zombie computers even without the users’ notice and it makes them also become exploited by DDoS attacks very easily,” the company states.

And as a final warning, businesses that are threatened with DDoS ransoms shouldn’t have to give in to ransom demands if they have the right protection and a proactive response.

“Not all DDoS attacks have the same pattern as the hackers. Therefore, we must prepare an effective response by establishing a security strategy and solution that can prevent various attack patterns,” the company concludes.

Story image
Dell updates data protection/management solutions
PowerProtect DP series is an integrated data protection appliance, offering a range of capabilities to protect and manage data.More
Story image
Ivanti extends ESM automation capabilities with latest additions
Ivanti has made additions to its Enterprise Service Management (ESM) portfolio, with greater automation capabilities between service management and SecOps. More
Story image
Claroty finds four vulnerabilities in Schneider Electric OT device
Unmitigated vulnerabilities could give an attacker access to the device, enabling the attacker to break encryption, modify code, and run certain commands.More
Story image
Video: 10 Minute IT Jams - Vectra AI exec discusses cybersecurity for Office 365
In Techday's second IT Jam with Vectra AI, we speak again with its head of security engineering Chris Fisher, who discusses the organisational impact of security breaches within Microsoft O365, why these attacks are on the rise, and what steps organisations should take to protect employees from attacks.More
Story image
Kaspersky identifies new banking malware targeting mobile users
"We recommend that financial institutions watch these threats closely, while improving their authentication processes, boosting anti-fraud technology and threat intelligence data, and trying to understand and mitigate all risks of this new mobile RAT family.”More
Story image
CyberArk launches Forescout and Phosphorus integration to aid with IoT security
“Through our integration with Forescout and Phosphorus, CyberArk dramatically improves security and compliance, and alleviates the burden on IT and security teams."More