Infosec Pros Fear Growing DDoS Ransom Threat

Written by

Ransomware may be getting all the headlines these days, but ransom-driven DDoS attacks are likely to become a major threat to organizations next year, according to a new poll of IT security professionals.

Corero Network Security interviewed attendees at Infosecurity Europe this year to better understand what practitioners on the front line are most concerned about over the next 12 months.

Over three-quarters (80%) said they believe their organization will be threatened with a DDoS ransom attack, and nearly half (43%) said their bosses might pay up.

ISPs came in for some harsh words, with over half of respondents (59%) worried their provider isn’t doing enough to protect them from DDoS attacks, and nearly a quarter (24%) claiming their ISP is to blame if a DDoS affects their business.

There's a possibility net neutrality principals are also being used by service providers to avoid facing up to their responsibilities to offer adequate DDoS mitigation, a majority of respondents claimed.

“A telecom company’s role has traditionally been to direct traffic from one destination to another, without passing judgment about the content. Net neutrality, in which carriers treat all data the same, was prized above all else,” said Corero COO, Dave Larson.

“But the tide of opinion is changing and many customers now want their telcos to deliver not a decaying mélange of internet traffic and increasingly sophisticated attack vectors, but a ‘clean pipe’ of good traffic, where the threats have been proactively removed.”

Although Corero have a vested interest in hyping up the DDoS threat, it’s not without substance.

At the end of April, the UK’s national fraud and cybercrime reporting center Action Fraud claimed that a “number of businesses” had received extortion demands.

It explained:

“The group have sent emails demanding payment of 5 Bitcoins to be paid by a certain time and date. The email states that this demand will increase by 5 Bitcoins for each day that it goes unpaid.

If their demand is not met, they have threatened to launch a Distributed Denial of Service (DDoS) attack against the businesses’ websites and networks, taking them offline until payment is made.”

However, it’s likely the extortionists were bluffing, and Action Fraud urged any businesses receiving such threats not to pay the demand.

What’s hot on Infosecurity Magazine?