Skip to main content

Hackers Are Using DDOS Attacks To Profit Off Businesses

By February 6, 2021August 31st, 2021Cybersecurity

ransomware hack - olmecDistributed Denial of Service Attacks (DDOS) have been used by hackers since the earliest days of the web.

Get enough internet-connected devices to ping a server at the same time, and you can knock the server offline.

Keep the pressure on and you can keep it offline, pretty much indefinitely.

These days, given the web’s importance, cyber attacks are very common and can easily bring financial ruin to all but the most deep-pocketed companies. Hackers know this of course, which is why such cybersecurity threats are still in use to this very day.

Recently though, there’s been a notable surge in their use, and not only that, hackers have begun changing the way they use this form of attack. Specifically, they’ll threaten to perform a sustained DDOS attack against a target company unless that company pays them a fee to go away. This is a marked departure from the way DDOS attacks have been used in the past, and makes it much more similar to a ransomware attack.
It is really important to understand cybersecurity importance or
else these attackers will simply issue the threat and wait to see if they get paid.

According to statistics gathered by researchers at Neustar, DDOS attacks increased by a staggering 154 percent between 2019 and 2020 and there’s no sign of DDOS attack prevention and surge getting slowed down. Now add in the new wrinkle of threatening to hit a company with such an attack, and the scope and scale of the cyber threat resolves into stark clarity.

It’s easy to see why this is an increasingly popular option for hackers around the world. Of all the types of attacks available to hackers, the DDOS option is the simplest and most straightforward considering the weak cyber threat management of companies. Literally anybody with access to a botnet can do it. Given the massive size of some of the botnets available for hire on the Dark Web, it’s not hard to understand why an increasing percentage of companies are choosing to pay rather than run the risk of being shut down.

Nustar’s Vice President of Security Product Management Michael Kaczmarek, however, advises against simply paying the toll.

He writes:

“Organizations should avoid paying these ransoms. Instead, any attack should be reported to the nearest law enforcement field office, as the information may help identify the attackers and ultimately hold them accountable. Beyond this, organizations can prepare by setting up a robust DDOS mitigation strategy, including assessing the risks, evaluating available solutions, considering mitigation strategies, and keeping their plan and provider up to date.”

Although the threat is very real, there’s actually a lot a company can do to ward off such an attack, and paying the toll only emboldens future threats. The best way forward is to see these criminals held to account. Don’t pay. Make them pay.

Chris Forte

Chris Forte, President and CEO of Olmec Systems, has been in the MSP workspace for the past 25 years. Chris earned his Master’s Degree from West Virginia University, graduating Magna Cum Laude. He was a past member of the Entrepreneurs’ Organization, a current member of the New Jersey Power Partners and Executive Association of New Jersey, where he has previously served on its board of directors. In his spare time, Chris enjoys traveling with his family. He also admits to being a struggling golfer and avid watcher of college football and basketball. He currently lives in Boonton Township, NJ with his wife, two daughters, son, and black lab Luna.