Rise Of Ransom DDos: How Organisations Can Prepare

While ransomware and DDoS were already a cause of concern for businesses, threat actors are now coupling these two crimes to extort money and cripple business-critical or revenue-making applications. 

Ransome distributed denial of services (RDDoS) is a cybercrime where hackers target companies with loosely protected applications and extort handsome fees. 

What exactly is Ransom DDoS? 

DDoS, simply put, is flooding a server with bot-driven traffic, causing it to shut down. 

Ransom DDoS is a lucrative crime where hackers usually send an extortion letter to a company, threatening to conduct a DDoS attack if the ransom is not paid.  

Sometimes, the threat is immediately followed by a short-term DDoS attack to showcase the seriousness of the caution. Other times, it's an empty threat because carrying out an attack that floods a networks' traffic and continues it for a considerable time requires expertise and diverse resources.  

However, you should never take these threats lightly. After all, there are ample ways to conduct DDoS attacks like DDoS-for-hire services available on the dark web. 

What do threat actors achieve out of this? Money is generally the driving force behind these crimes. Besides, recent years' trends have shown threat actors demand anywhere from 5-200 bitcoins in exchange for not exploiting the company's applications. Thus the rise in bitcoin's popularity seems to be another reason for conducting RDoS. 

What's more destructive is that in some cases, these threats are combined with stealing data, identity theft, and installing malware to encrypt the data and make it even more catastrophic.  

So, what can companies do about it? 

While it's understandable why companies would pay millions to mitigate the risk or stop the ongoing attack, it's never the solution. 

Giving in to the ransom only puts companies in a weak position and makes them vulnerable to future threats. Plus, this approach does not shield their business from future attacks. 

The antidote lies in the preparation 

The ease of carrying out attacks and the increasingly evolving threat landscape only mandates a strong security infrastructure.  

Therefore, it's critical to identify where your assets are, your downtime tolerance and form a robust cyber resilience strategy. Finally, planning a secure security infrastructure ahead of time safeguards your business against these malicious crimes and saves you from reputational damage.