Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Monday, 30 January, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

The profit margins benefiting criminals from illegal DDoS services

by The Gurus
March 27, 2017
in Editor's News
Share on FacebookShare on Twitter

Kaspersky Lab’s experts have studied the DDoS services available on the black market and determined just how far this illegal business has advanced, as well as the extent of its popularity and profitability. The worrying news is that arranging an attack costs as little as $7 an hour, while the targeted company can end up losing thousands, if not millions, of dollars.
 The level of service involved when arranging a DDoS attack on the black market is not very different from that of a legal business. The only difference is that there’s no direct contact between the provider and the customer. The ‘service providers’ offer a convenient site where customers, after registering, can select the service they need, pay for it, and receive a report about the attacks. In some cases, there is even a customer loyalty program, with clients receiving rewards or bonus points for each attack.
There are a number of factors that affect the cost for the customer. One is the type of attack and its source: for example, a botnet made up of popular IoT devices is cheaper than a botnet of servers. However, not all those providing attack services are ready to specify such details. Another factor is the duration of the attack (measured in seconds, hours and days), and the client’s location. DDoS attacks on English-language websites, for example, are usually more expensive than similar attacks on Russian-language sites.
Another big factor affecting the cost is the type of victim. Attacks on government websites and resources protected by dedicated anti-DDoS solutions are much more expensive, as the former are high risk, while the latter are more difficult to attack. For instance, on one DDoS-as-a-service website, the cost of an attack on an unprotected website ranges from $50 to $100, while an attack on a protected site costs $400 or more.
It means a DDoS attack can cost anything from $5 for a 300-second attack, to $400 for 24 hours. The average price for an attack is around $25 per hour. Kaspersky Lab’s experts were also able to calculate that an attack using a cloud-based botnet of 1000 desktops is likely to cost the providers about $7 per hour. That means the cybercriminals organising DDoS attacks are making a profit of around $18 per hour.
There is, however, yet another scenario that offers greater profitability for cybercriminals – it involves the attackers demanding a ransom from a target in return for not launching a DDoS attack, or to call off an ongoing attack. The ransom can be the bitcoin equivalent of thousands of dollars, meaning the profitability of a single attack can exceed 95 per cent. In fact, those carrying out the blackmail don’t even need to have the resources to launch an attack – sometimes the mere threat is enough.
“We expect the profitability of DDoS attacks to continue to grow. As a result, will see them increasingly used to extort, disrupt and mask other more intrusive attacks on businesses. Worryingly, small and medium sized businesses are not confident in their knowledge of how to combat these threats effectively. The longest DDoS attack in 2016 lasted 292 hours according to Kaspersky Lab’s research, or about 12 days. Most online businesses can ill-afford to have their ‘doors closed’ for even an hour, let alone for 292 hours, as criminals take advantage of their poor defences. Companies that host these online sites are also under attack on a daily basis. The channel has a significant opportunity with our help to identify risks, provide strategic advice and deliver the right solutions to customers to prevent damaging DDoS attacks,” says Russ Madley, Head of B2B at Kaspersky Lab UK.
 Interestingly, some cybercriminals have no scruples about selling DDoS attacks alongside protection from them. Kaspersky Lab’s experts, however, do not recommend using criminal services. To learn more about genuine protection against DDoS attacks, follow this link.

FacebookTweetLinkedIn
Tags: CyberMalwaresecurityTechnology
ShareTweetShare
Previous Post

The download, ransomware-as-a-service explained by Ivanti

Next Post

Users are aware of app hacking but lack grasp over severity say Promon

Recent News

JD Sports admits data breach

JD Sports admits data breach

January 30, 2023
Acronis seals cyber protection partnership with Fulham FC

Acronis seals cyber protection partnership with Fulham FC

January 30, 2023
Data Privacy Day: Securing your data with a password manager

Data Privacy Day: Securing your data with a password manager

January 27, 2023
#MIWIC2022: Carole Embling, Metro Bank

#MIWIC2022: Carole Embling, Metro Bank

January 26, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information