Ransomware attacks may be the latest craze, but security professionals are more concerned about next year’s major threat: ransom-driven DDoS attacks.
Corero Network Security recently interviewed security practitioners at Infosecurity Europe to get a better understanding of what the community’s main concerns are for the next year.
The results overwhelmingly found that 80% of interviewees believe their organization will be faced with a DDoS ransom attack, and even worse, 43% feel their superiors will pay the ransom.
Interviewees also had some stark words for ISPs, with 59% of respondents worried their provider is not doing enough to protect their organization from DDoS attacks. The vast majority of respondents also feel that net neutrality principles are possibly being used by ISPs to avoid accepting responsibility to offer adequate DDoS mitigation.
While telecom providers have traditionally directed traffic from one destination to another without passing judgment about the content, customers today want their telecom providers to deliver good, clean traffic, where the threats have been proactively removed.
Towards the end of April 2016, Action Fraud, the UK’s National Fraud & Cybercrime Report Center, claimed that numerous businesses had received extortion demands.
The article went on to say, “The group has sent emails demanding payment of 5 Bitcoins to be paid by a certain time and date. The email states that this demand will increase by 5 Bitcoins for each day that it goes unpaid. If their demand is not met, they have threatened to launch a Distributed Denial of Service (DDoS) attack against the businesses’ websites and networks, taking them offline until payment is made.”
NNT’s CTO Mark Kedgley advises a two-pronged approach to avoid falling victim to a ransom-driven DDoS attack: get layered defenses in place, and back them up with real-time host intrusion detection through File Integrity Monitoring. With these defenses in place, if a cyber-attack proves successful, you’ll at least know about it in real time, instead of after the fact once serious damage has been done.
Read this article on InfoSecurity Magazine