Home News Threat Actors Turning to RDDoS Attacks as a New Ransom Vector

Threat Actors Turning to RDDoS Attacks as a New Ransom Vector

In an RDDoS attack, cybercriminals either launch a DDoS attack and then demand ransom to stop, or they may ask for the ransom first by threatening with a DDoS attack if not paid.

SHARE
DDoS Attacks in Russia , RDDoS attacks, DDoS attack on New Zealand Banks

While ransomware attacks are taking the corporate world by storm, a latest analysis revealed that over 44% of businesses sustained a ransom distributed denial of service (RDDoS) attack in the past 12 months. The Neustar International Security Council (NISC) analysis disclosed that nearly 70% of organizations were targeted with RDDoS attacks, and 36% agreed to pay the ransom.

What’s an RDDoS Attack?

A ransom DDoS attack is an extortion scheme in which malicious actors demand organizations or individuals pay the ransom by threatening the victims with a DDoS attack. In an RDDoS attack, cybercriminals either launch a DDoS attack and then demand ransom to stop, or they may ask for the ransom first by threatening with a DDoS attack if not paid.

Ransomware Operators Turning to RDDoS Attacks

NISC highlighted that several cybercriminal groups are leveraging RDDoS attack techniques to target various industries, including financial services, telecommunications, and government agencies. The research revealed that only 24% of organizations said they know how to respond to RDDoS attacks. Over 56% of organizations stated they outsource their DDoS mitigation to third parties. The research findings indicate that threat actors are using RDDoS as an effective ransom extortion technique.

“Rather than spending a lot of time and careful planning on infecting an organization’s network with malware or ransomware, cybercriminals are taking an easier approach and using DDoS as a ransom vector. For bad actors, launching a DDoS attack is relatively simple and has the added benefit of being harder to trace back to its origin,” said Rodney Joffe, Chairman of NISC, SVP and Fellow.

“It’s common for organizations to feel pressure to pay to get their website back up and running and avoid disruption. However, with attackers targeting the same company multiple times, paying the ransom only makes it more likely that you will fall victim again. Instead, businesses must take an ‘always on’ approach to DDoS security, ensuring that their site remains protected even in the event of an attack.”