The trick to being prepared for distributed denial of service (DDoS) attacks could be as easy as rolling out a web application firewall because it can block attacks where they most commonly occur - at the application layer.
That's according to Penta Security, which says that cybercriminals are finding new ways to scale up their attacks, and they may even modify existing attack methods they already have in the toolbox.
Ransom DDoS is one of these modified attack methods, which combines a ransom demand with the threat of a DDoS attack. Those who don't pay the ransom are then subjected to an attack.
Penta Security explains, “[DDoS attacks] use multiple computers at the same time to generate massive amounts of traffic to a specific website or server in order to paralyse it. In the case of corporations, the service is temporarily suspended due to the attack, and not only damage financially but also the image of the brand and company.
Recent attacks on New Zealand's NZX stock exchange, and on financial institutions around the world in late August and September, showed exactly how DDoS ransoms worked. What's more, the attacks occurred when many businesses are dealing with the new normal of remote working, where security systems may not be as strong as they should be.
“In addition, if the hackers' ransom DDoS attacks continue to fail, there is a possibility that they may be evolving for stronger attacks. Compared to the old DDoS attacks, it is becoming more difficult to deal with due to massive traffic caused at once,” Penta Security states.
The company states that DDoS attacks make up a large part (62%) of ‘electronic financial infringement accidents' over the last five years - ransom DDoS attacks will not help.
Penta Security says that it's important to be able to spot normal traffic and abnormal traffic patterns so that organisations can identify and respond to DDoS attacks.
Organisations' defence solutions can stop this from happening, and it's where security solutions such as web application firewalls (WAFs) can help.
“Individuals should also check regularly if their computers are infected by malicious codes or exploited by DDoS attacks. Computers sometimes become zombie computers even without the users' notice and it makes them also become exploited by DDoS attacks very easily,” the company states.
And as a final warning, businesses that are threatened with DDoS ransoms shouldn't have to give in to ransom demands if they have the right protection and a proactive response.
“Not all DDoS attacks have the same pattern as the hackers. Therefore, we must prepare an effective response by establishing a security strategy and solution that can prevent various attack patterns,” the company concludes.