Tuesday, Sep 29, 2020 | Last Update : 03:43 AM IST

188th Day Of Lockdown

Maharashtra1339232103001535571 Andhra Pradesh6756746050905708 Tamil Nadu5808085251549313 Karnataka5755664622418582 Uttar Pradesh3870853258885594 Delhi2711142366515235 West Bengal2474252169214781 Odisha209374173571850 Telangana1872111564311107 Bihar178882164537888 Kerala175385117917678 Assam169985139977655 Gujarat1332191132403417 Rajasthan1288591077181441 Haryana1237821059901307 Madhya Pradesh117588932382207 Punjab107096840253134 Chhatisgarh9856566860777 Jharkhand7770964515661 Jammu and Kashmir69832495571105 Uttarakhand4533233642555 Goa3107125071386 Puducherry2548919781494 Tripura2412717464262 Himachal Pradesh136799526152 Chandigarh112128677145 Manipur9791760263 Arunachal Pradesh8649623014 Nagaland5768469311 Meghalaya5158334343 Sikkim2707199431 Mizoram178612880
  Technology   In Other news  07 Aug 2017  DDoS attacks get smarter, badder

DDoS attacks get smarter, badder

DECCAN CHRONICLE
Published : Aug 7, 2017, 8:58 am IST
Updated : Aug 7, 2017, 8:58 am IST

Experts warn that if a victim company decides to pay, it may bring long-term damage in addition to instant monetary loses.

Fraudsters send out threatening messages to a large number of companies in the hope that someone will decide to be better safe than sorry.
 Fraudsters send out threatening messages to a large number of companies in the hope that someone will decide to be better safe than sorry.

Long-lasting DDoS attacks are back in business.  The following statement was put forth by Kaspersky Lab, which announced its latest Q2 2017 DDoS Intelligence Report last week. The longest attack in the quarter was active for 277 hours (more than 11 days) – which is a 131 per cent increase compared to Q1 – a current record for the year.

Not only were the duration of DDoS attacks in Q2 notable, the geography of incidents also showed a dramatic change, with organisations with online resources located in 86 countries targeted, compared to 72 countries in Q1. The top 10 most affected countries were China, South Korea, US, Hong Kong, UK, Russia, Italy, the Netherlands, Canada and France — with Italy and the Netherlands replacing Vietnam and Denmark that were among the top targets in Q1.

 

During this timeframe, the targets of DDoS attacks included one of the largest news agencies, Al Jazeera, Le Monde and Figaro newspaper websites and reportedly, Skype servers. Additionally, an increase in cryptocurrency rates led to cybercriminals trying to manipulate prices through DDoS. Bitfinex, the largest Bitcoin trading exchange, was attacked simultaneously with the launch of trading in a new cryptocurrency called IOTA token. Earlier, the BTC-E exchange reported a slowdown due to a powerful DDoS attack.

The interest of DDoS attack organisers in cash goes beyond manipulating cryptocurrency rates. Using this type of attack to extort money can be beneficial, as trends in Ransom DDoS or RDoS demonstrate.

 

Cybercriminals usually send a message to the victim demanding a ransom that ranges from five to 200 bitcoins. If the company refuses to pay, attackers threaten to organise a DDoS attack on a critically important online victim resource. Such messages can be accompanied by short-term DDoS attacks to confirm the threats are very real.

At the end of June, a large-scale RDoS attempt was made by the group called Armada Collective, who demanded about $315,000 from seven South Korean banks.

However, there is always another way which has become more popular in the last quarter – Ransom DDoS with no DDoS at all. Fraudsters send out threatening messages to a large number of companies in the hope that someone will decide to be better safe than sorry. Demonstrations of attacks may never happen, but if just one company decides to pay, that brings profit with minimal effort from the cybercriminals.

 

“Nowadays, it’s not just experienced teams of hi-tech cybercriminals that can be Ransom DDoS-attackers,” said Kirill Ilganaev, head of Kaspersky DDoS Protection at Kaspersky Lab. “Any fraudster who doesn’t even have the technical knowledge or skills to organise a full-scale DDoS attack can purchase a demonstrative attack for the purpose of extortion. These people are mostly picking unsavvy companies that don’t protect their resources from DDoS in any way and therefore, can be easily convinced to pay ransom with a simple demonstration.”

Kaspersky Lab experts warn that if a victim company decides to pay, it may bring long-term damage in addition to instant monetary loses. A ‘payer’ reputation spreads fast through the networks and may provoke further attacks from cybercriminals.

 

Tags: hacking, cybercrime, cyberceriminals, ddos, attacks