- 3 handy upgrades in MacOS 15.1 - especially if AI isn't your thing (like me)
- Your Android device is vulnerable to attack and Google's fix is imminent
- Microsoft's Copilot AI is coming to your Office apps - whether you like it or not
- How to track US election results on your iPhone, iPad or Apple Watch
- One of the most dependable robot vacuums I've tested isn't a Roborock or Roomba
Attackers Increasingly Turning to DDoS as a Ransom Vector
Nearly half (44%) of organizations have been targeted or fallen victim to a ransom-related distributed denial of service (RDDoS) attack in the past 12 months, according to a survey of 313 cybersecurity professionals by the Neustar International Security Council (NISC).
Interestingly, during the same period, a lower proportion (41%) of organizations were targeted by a ransomware attack, suggesting cyber-criminals are increasingly using DDoS attacks as a means of extorting money from victims.
Rodney Joffe, chairman of NISC, SVP and fellow, Neustar, explained: “Rather than spending a lot of time and careful planning on infecting an organization’s network with malware or ransomware, cyber-criminals are taking an easier approach and using DDoS as a ransom vector. For bad actors, launching a DDoS attack is relatively simple and also has the added benefit of being harder to trace back to its origin.”
The research indicates that this is an effective ransom tactic; 70% of organizations hit by RDDoS were targeted multiple times, and 36% admitted they paid the ransom. This compares to 57% of those infected by ransomware being targeted on multiple occasions, with the same proportion (36%) choosing to pay the ransom.
Neustar added that while RDDoS threats have traditionally targeted online industries, attackers are increasingly turning their attention to other sectors, including financial services, government and telecoms.
Worryingly, less than a quarter (24%) of cybersecurity professionals said they were ‘very confident’ in their organization’s knowledge of how to respond to an RDDoS attack. The respondents listed ransomware (70%), DDoS (68%) and targeted hacking (66%) as the most increasing cyber-threats to their organization.
Joffe commented, “It’s common for organizations to feel pressure to pay to get their website back up and running and avoid disruption. However, with attackers targeting the same company multiple times, paying the ransom only makes it more likely that you will fall victim again. Instead, businesses must take an ‘always on’ approach to DDoS security, ensuring that their site remains protected even in the event of an attack.”