Research from Corero Network Security has found that 80% of European IT security professionals expect DDoS ransom attacks to target their business within the next 12 months.
A poll of experts at the InfoSecurity Europe conference made evident the fears of cyber extortion attempts in the UK and Europe. Furthermore, warnings were issued by the City of London Police in May this year following risks identified from warnings by Lizard Squad, who were threatening charges of around £1,500 to stop DDoS attacks orchestrated by them. Corero also observed a sharp increase in DDoSers targeting theircustomers at the end of 2015, giving further gravity to the findings of this research.
Even more concerning was the finding that almost half of these IT security professionals (43%) thought that it was possible that their organization might pay such a ransom demand.
Dave Larson, COO at Corero Network Security, comments: “Extortion is one of the oldest tricks in the criminal’s book, and one of the easiest ways for today’s hackers to turn a profit. When your website is taken offline, it can cost businesses over $6500 a minute in lost revenue, so it’s understandable why some organizations choose to pay the ransom. But this is a dangerous game, because just a few willing participants encourage these threats to spread like wildfire. Rather than trying to negotiate with criminals, the only way to beat these attacks is to have a robust, real-time DDoS mitigation system in place, which can defend against attacks and prevent downtime.
“Our research data indicates that DDoS ransom attack threats are not only increasing in frequency but also being used by cyber criminals in new and creative ways to extract money from victims. For example, low-level, sub-saturating DDoS attacks are usually used as a precursor to ransomware attacks. Because they are so short – typically less than five minutes in duration – they are usually not detected by security teams and allow hackers to find pathways and test for vulnerabilities within a network which can later be exploited through other techniques.”
We have heard also that companies that meet ransom dfemands often risk putting themselves on a “suckers list” that means they’re known to cough up and will be targeted again in future on the assumption they’ll pay again.
As DDoS attacks become increasingly sophisticated, many organizations are looking further upstream to their Internet Service Provider to protect them against DDoS threats. The majority of those surveyed (59%) worry that their ISP does not provide enough protection against DDoS attacks, and almost a quarter (24%) of respondents believes that their ISP is to blame if a DDoS attack affects their business.
Furthermore, over half of those surveyed (53%) believe that ISPs are hiding behind net neutrality laws – the concept of treating all online traffic equally – as a way to dodge their responsibilities in terms of protecting their customers from cyber attacks, such as DDoS.
Telecoms companies have traditionally been regarded as responsible for directing traffic, without judging the content – the prized concept of net neutrality. Dave Larson tells us “the tide of opinion is changing and many customers now want their telcos to deliver not a decaying mélange of Internet traffic and increasingly sophisticated attack vectors, but a ‘clean pipe’ of good traffic, where the threats have been proactively removed. Providers now have a golden opportunity to offer their customers DDoS protection-as-a-service, and open up valuable new revenue streams in the process – or risk losing their customers.”
Almost 60% of those surveyed (58%) said that would leave their service provider because of poor service, and over a fifth (21%) would leave if they did not offer adequate protection against DDoS attacks.
The research report was compiled by Corero Network Security and examined the views of 103 European IT security professionals at the Infosecurity Europe conference in London during 7-9 June 2016.