In the wake of cyber crimes, a DDoS (Distributed Denial of Service) attack is something to be on the lookout for.
Lately, these attacks have seen phenomenal growth, not only in the number of cases but also in the new twists they are taking.
DDoS attacks, as the name suggests, deny legitimate users access to a server or network resource by disrupting the services of a host connected to the Internet.
Why DDoS attacks?
There are many possible explanations for the increase in DDoS attacks. It is rather unfortunate that some victims of this crime are not aware of its existence in the first place. For some time, DDoS attacks were associated with kiddies out there trying to have fun or earn easy cash; not so anymore. With the new development of ransom notes, this concept has taken a whole new turn.
This wave of extortion has gone to a much higher level, with attackers not only sending threatening notes but also giving their victims a taste of the damage they can cause.
Aggressive competition in the business world could well be another ground for DDoS attacks. It is not uncommon for some unscrupulous companies to use this means to gain a competitive advantage or even to launch an attack against their rivals.
Politics too has its stake in it. DDoS attacks have also been brought about by philosophical and political rivalry. Elsewhere, groups associated with hate crime have used DDoS attacks to get even with their enemies.
Other attacks may come from attackers craving attention from targeted sites or groups, or simply testing their potential.
Money is a major motivating factor, whether for the script kiddie, the low-level cyber criminal or well-established gangs like DD4BC. In fact, the latest extortion attempt by DD4BC on Bitcoin companies serves as an example of money being a motivating factor.
This notorious group has been known to launch its DDoS attacks at a lower level, say 150 requests/sec together with network-layer interruptions of not more than 40Gbps. This may be presumed to be a low-level attack, but it is capable of bringing down small and medium-size sites.
As early as November 2014, it was quite evident that DD4BC had been targeting Bitcoin and gaming websites. They have now taken to the payment industry.
What next after getting a DDoS ransom note?
A ransom note typically means that you are a victim. There is a possibility that your site is not secure anymore and that anything could happen at any time from the moment you receive the note. In most instances, a complete shutdown or interruption of your website precedes the note to show you that these criminals mean serious business.
You have three choices: take no notice of the note, honor the note with quick payment, or face it and declare war. Ignoring the note may be a fifty-fifty solution. It could signal to the attackers that you already know them and are well prepared for them, so that they stop their pursuit, or they could actually carry out their threats on your site, which might be costly.
Honoring the ransom note, apart from costing you the ransom amount, is clear evidence of the unpreparedness of your website and its lack of DDoS security. It also exposes your site to many more extortion attempts, so expect another ransom note.
The third and best option is to fight back. It doesn’t help to just sit back and watch yourself become a puppet in the hands of these extortionists. A good example is Bitalo Bitcoin Exchange, a company that became DD4BC’s first prey. This company refused to be manipulated and publicized the threat. Bitmain Bitcoin Company was second on the list, coming out in public in March 2014 about the threat they had received from DD4BC.
Taking such a bold step as the two companies did is the way to go about it. This step requires preparedness in the form of professional DDoS protection. You will need to have this protection set up on your systems before or as soon as you get a ransom note. Better still, you can have a professional DDoS action plan in place in case your site falls victim to these attacks.