Criminals are no longer limiting themselves to encrypting sensitive data before demanding a ransom from the victim. They have also started executing what’s known as Ransom Distributed Denial of Service attacks, or RDaaS, and it’s exactly as it sounds.
In an attack of this kind, criminals threaten a company with a series of crippling DDoS attacks, unless payment is made in cryptocurrency.
Recently, cybersecurity experts from Cloudflare published information on an RDaaS attack targeting an unnamed Fortune 500 company. They said the company first received threat emails, sent to multiple publicly listed emails.
The sender threatened strong DDoS attacks unless the victim paid a ransom of 20 Bitcoin (approximately $800,000 at press time) and added that, if the victim failed to pay within a week, a second attack would cause greater damage and the ransom would be increased.
The victim decided not to pay the ransom and was struck with a DDoS attack that Cloudflare described as a “powerful”, despite just being a warning shot. Allegedly, it was “gigabits per second” strong, saturating the internet uplink to the target data center.
Cloudflare said that the company did not have an always-on DDoS protection service, but rather opted for an on-demand offering, which increased the time needed to respond to the attack.