sb-au logo
Story image

Ransom DDoS attacks can be defeated with proactive prevention - Penta Security

11 Nov 2020

The trick to being prepared for distributed denial of service (DDoS) attacks could be as easy as rolling out a web application firewall because it can block attacks where they most commonly occur - at the application layer.

That’s according to Penta Security, which says that cybercriminals are finding new ways to scale up their attacks, and they may even modify existing attack methods they already have in the toolbox.

Ransom DDoS is one of these modified attack methods, which combines a ransom demand with the threat of a DDoS attack. Those who don’t pay the ransom are then subjected to an attack.

Penta Security explains, “[DDoS attacks] use multiple computers at the same time to generate massive amounts of traffic to a specific website or server in order to paralyse it. In the case of corporations, the service is temporarily suspended due to the attack, and not only damage financially but also the image of the brand and company.”

Recent attacks on New Zealand’s NZX stock exchange, and on financial institutions around the world in late August and September, showed exactly how DDoS ransoms worked. What’s more, the attacks occurred when many businesses are dealing with the new normal of remote working, where security systems may not be as strong as they should be.

“In addition, if the hackers’ ransom DDoS attacks continue to fail, there is a possibility that they may be evolving for stronger attacks. Compared to the old DDoS attacks, it is becoming more difficult to deal with due to massive traffic caused at once,” Penta Security states.

The company states that DDoS attacks make up a large part (62%) of ‘electronic financial infringement accidents’ over the last five years - ransom DDoS attacks will not help.

Penta Security says that it’s important to be able to spot normal traffic and abnormal traffic patterns so that organisations can identify and respond to DDoS attacks.

Organisations’ defence solutions can stop this from happening, and it’s where security solutions such as web application firewalls (WAFs) can help.

“Individuals should also check regularly if their computers are infected by malicious codes or exploited by DDoS attacks. Computers sometimes become zombie computers even without the users’ notice and it makes them also become exploited by DDoS attacks very easily,” the company states.

And as a final warning, businesses that are threatened with DDoS ransoms shouldn’t have to give in to ransom demands if they have the right protection and a proactive response.

“Not all DDoS attacks have the same pattern as the hackers. Therefore, we must prepare an effective response by establishing a security strategy and solution that can prevent various attack patterns,” the company concludes.

Story image
Kaseya acquires RocketCyber to bring SOC solutions to more businesses
"With this acquisition, we've doubled down on our security investments to provide our customers with access to experts who can continuously monitoring their IT environments without the cost and complexity of disparate tools.”More
Story image
Research reveals increase in critical, low complexity vulnerabilities
2020 saw a large spike in physical and adjacent vulnerabilities, likely due to the proliferation of IoT and smart devices in use and being tested by researchers.More
Story image
ExtraHop reveals methods used by attackers in SUNBURST breach
The network detection and response company says between late March and early October 2020, detections of probable malicious activity increased by approximately 150%, including detections of lateral movement, privilege escalation and command and control beaconing.More
Story image
Cybersecurity risk has never been greater," declares FortiGuard Labs
Adversaries are highly adaptable as they conduct sophisticated attacks, particularly against remote workers, digital supply chains, and core networks.More
Story image
How to stay ahead of the next cyber breach
With so many people working from home, the corresponding surge in app usage, unmanaged devices, web traffic and accessing internal resources is making security a much trickier prospect.More
Story image
Creating a strong culture of security within organisations
CISOs worldwide are inherently aware of how significant investment in cybersecurity strategies and technologies can bolster an organisation’s protection against cyberattacks. However, many overlook the importance of culture when it comes to cybersecurity.More