80% of IT Pros Expect Their Organization to Be Threatened with Ransom-Driven DDoS Attacks | Tripwire

80% of IT Pros Expect Their Organization to Be Threatened with Ransom-Driven DDoS Attacks

Posted on July 8, 2016
FTC Says Identity Theft Victims Don't Always Need a Police Report
According to a new survey, 80 percent of IT security professionals believe that their organization will be threatened with a DDoS ransom attack in the next 12 months. Conducted by Corero Network Security, the research includes the responses of 100 security professionals at the Infosecurity Europe conference in London earlier this year. Even more alarming, however, is the fact that nearly half (43 percent) of respondents also believed it was possible that their organization might pay the ransom demand. In May, the City of London Police issued an alert to UK businesses after numerous organizations reported receiving extortion demands via email. The International Business Times reported the emails threatened to launch Distributed Denial of Service (DDoS) attacks against companies that failed to pay the ransom of 5 bitcoins (approximately £1,545 or $2,250). Dave Larson, COO at Corero Network Security, explained why cyber criminals are increasingly leveraging this technique, and why some businesses decide to pay: “Extortion is one of the oldest tricks in the criminal’s book, and one of the easiest ways for today’s hackers to turn a profit,” he said.
“When your website is taken offline, it can cost businesses over $6,500 a minute in lost revenue, so it’s understandable why some organizations choose to pay the ransom. But this is a dangerous game, because just a few willing participants encourage these threats to spread like wildfire,” warned Larson.
Furthermore, Larson stressed that rather than trying to negotiate with criminals, organizations need to be fully prepared to defend their networks against such cyber attacks. “Our research data indicates that DDoS ransom attack threats are not only increasing in frequency but also being used by cyber criminals in new and creative ways to extract money from victims," Larson added. "For example, low-level, sub-saturating DDoS attacks are usually used as a precursor to ransomware attacks. Because they are so short – typically less than five minutes in duration – they are usually not detected by security teams and allow hackers to find pathways and test for vulnerabilities within a network which can later be exploited through other techniques,” he said. Additional findings from the survey included:
  • 59% of those surveyed worry that their ISP does not provide enough protection against DDoS attacks
  • 24% of respondents believe that their ISP is to blame if a DDoS attack affects their business
  • 53% believe that ISPs are hiding behind net neutrality laws
corero-072016.jpg
Join over 20,000 IT security pros who get our top stories delivered to their inbox every week!