Do you know anyone affected by recent ransomware activity? The tragedy of Cryptolocker/Cryptowall, where files are locked down and returned in exchange for a ransom fee, might still be fresh in your minds. Well, the FBI warns that the end of cyber extortion is still far off, and that the next hacking technique that will be used is likely the DDoS attack.
Distributed Denial of Service (DDoS) is generally characterized as an attack that rapidly targets a server with enough traffic to bring it down, effectively terminating site visitors and employees from accessing important information. This has been an effective way for hackers to mildly irritate consumers in the past, but this method is growing more common as a means to extort money from users; much in the same way that ransomware is used to leech money in return for access to your files. As explained by the Internet Crime Complaint Center, “the victim business receives an email threatening a distributed denial-of-service (DDoS) attack to its website unless it pays a ransom."
To avoid being tracked back to the hackers, the ransom is often required to be bitcoin. Attacks like this “ransomware” are growing more common, as they are proving to be lucrative sources of income for hackers who know what they’re doing. In fact, DDoS attacks can even be performed by an amateur user under the right circumstances. As explained in the official public service announcement from the FBI:
Businesses that experienced a DDoS attack reported the attacks consisted primarily of Simple Discovery Protocol (SSDP) and Network Time Protocol (NTP) reflection/amplification attacks, with an occasional SYN-flood and, more recently, Wordpress XML-RPC reflection/amplification attack. The attacks typically lasted one to two hours, with 30 to 35 gigabytes as the physical limit.
DDoS attacks are difficult to dodge completely. Since the server is being targeted by huge amounts of traffic or bandwidth, this can make protecting against them difficult at best. If you become the target of a DDoS attack, try to check where the traffic is primarily coming from. Your best bet is to block access to your server from the IPs constantly targeting it. This helps to prevent further attacks from the same source. It can also be worth completely blocking countries that are known for housing hackers.
If your organization is concerned about DDoS attacks, you can trust Evolve IT to help you through this difficult time. We can help your organization optimize security so that you have little to fear from attacks. And remember; never give in to the demands of hackers. They’re basically bullies with a fancy moniker. Give us a call at (518) 203-2110 for tech support that will never abandon you.
