Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News

7/6/2016
10:30 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

DDoS Extortion Campaigns to Threaten 80% of European Businesses in the Next Year

European IT security professionals call upon Internet Service Providers to offer business customers more robust and proactive cyber security protection against growing DDoS ransom threat

London and Hudson MA– July 6, 2016 – 80 percent of European IT security professionals expect their business to be threatened with a DDoS ransom attack during the next 12 months, according to a new research report from Corero Network Security (LSE: CNS), a leading global  provider of First Line of Defense® security solutions against DDoS attacks.

The research, which polled over 100 security professionals at the Infosecurity Europe conference in London, highlights the growing threat of cyber extortion attempts targeting businesses in the United Kingdom and continental Europe. Last month, (May 2016), the City of London Police warned of a new wave of ransom driven DDoS attacks orchestrated by Lizard Squad, in which UK businesses were told that they would be targeted by a DDoS attack if they refused to pay five bitcoins, equivalent to just over £1,500. Corero’s Security Operations Center also recorded a sharp increase in hackers targeting their customers with such demands at the end of 2015. 

Even more concerning was the finding that almost half of these IT security professionals (43%) thought that it was possible that their organization might pay such a ransom demand.

Dave Larson, COO at Corero Network Security, comments: “Extortion is one of the oldest tricks in the criminal’s book, and one of the easiest ways for today’s hackers to turn a profit.  When your website is taken offline, it can cost businesses over $6500 a minute in lost revenue, so it’s understandable why some organizations choose to pay the ransom. But this is a dangerous game, because just a few willing participants encourage these threats to spread like wildfire. Rather than trying to negotiate with criminals, the only way to beat these attacks is to have a robust, real-time DDoS mitigation system in place, which can defend against attacks and prevent downtime."

“Our research data indicates that DDoS ransom attack threats are not only increasing in frequency but also being used by cyber criminals in new and creative ways to extract money from victims. For example, low-level, sub-saturating DDoS attacks are usually used as a precursor to ransomware attacks.  Because they are so short – typically less than five minutes in duration – they are usually not detected by security teams and allow hackers to find pathways and test for vulnerabilities within a network which can later be exploited through other techniques.”

More Robust DDoS Protection Needed from Internet Service Providers

As DDoS attacks become increasingly sophisticated, many organizations are looking further upstream to their Internet Service Provider to protect them against DDoS threats. The majority of those surveyed (59%) worry that their ISP does not provide enough protection against DDoS attacks, and almost a quarter (24%) of respondents believes that their ISP is to blame if a DDoS attack affects their business. 

Furthermore, over half of those surveyed (53%) believe that ISPs are hiding behind net neutrality laws – the concept of treating all online traffic equally – as a way to dodge their responsibilities in terms of protecting their customers from cyber attacks, such as DDoS. 

Dave Larson continues, “A telecom company’s role has traditionally been to direct traffic from one destination to another, without passing judgment about the content. Net neutrality, in which carriers treat all data the same, was prized above all else. But the tide of opinion is changing and many customers now want their telcos to deliver not a decaying mélange of Internet traffic and increasingly sophisticated attack vectors, but a ‘clean pipe’ of good traffic, where the threats have been proactively removed. Providers now have a golden opportunity to offer their customers DDoS protection-as-a-service, and open up valuable new revenue streams in the process – or risk losing their customers.”

Almost 60% of those surveyed (58%) said that would leave their service provider because of poor service, and over a fifth (21%) would leave if they did not offer adequate protection against DDoS attacks. 

The research report was compiled by Corero Network Security and examined the views of 103 European IT security professionals at the Infosecurity Europe conference in London during 7-9 June 2016. 

An infographic displaying the results of the research is available here.

About Corero Network Security
Corero Network Security is the leader in real-time, high-performance DDoS defense solutions. Service providers, hosting providers and online enterprises rely on Corero’s award winning technology to eliminate the DDoS threat to their environment through automatic attack detection and mitigation, coupled with complete network visibility, analytics and reporting. This next-generation technology provides a First Line of Defense® against DDoS attacks in the most complex environments while enabling a more cost effective economic model than previously available. For more information, visit www.corero.com.

 

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
lorraine89
50%
50%
lorraine89,
User Rank: Ninja
10/28/2016 | 10:15:57 AM
Cyber security
According to estimates, nearly $1 billion were compromised in last year alone pertaining to the the cases of data theft. Therefore, businesses in order to avoid the embarrasment of privacy hacks must ensure that their data is secure ad their online presence guaranteed. Getting help a vpn server like PureVPN is essential and securing with password protection is crucial to avoid any breach. 
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/3/2020
'BootHole' Vulnerability Exposes Secure Boot Devices to Attack
Kelly Sheridan, Staff Editor, Dark Reading,  7/29/2020
Average Cost of a Data Breach: $3.86 Million
Jai Vijayan, Contributing Writer,  7/29/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-18112
PUBLISHED: 2020-08-05
Affected versions of Atlassian Fisheye allow remote attackers to view the HTTP password of a repository via an Information Disclosure vulnerability in the logging feature. The affected versions are before version 4.8.3.
CVE-2020-15109
PUBLISHED: 2020-08-04
In solidus before versions 2.8.6, 2.9.6, and 2.10.2, there is an bility to change order address without triggering address validations. This vulnerability allows a malicious customer to craft request data with parameters that allow changing the address of the current order without changing the shipm...
CVE-2020-16847
PUBLISHED: 2020-08-04
Extreme Analytics in Extreme Management Center before 8.5.0.169 allows unauthenticated reflected XSS via a parameter in a GET request, aka CFD-4887.
CVE-2020-15135
PUBLISHED: 2020-08-04
save-server (npm package) before version 1.05 is affected by a CSRF vulnerability, as there is no CSRF mitigation (Tokens etc.). The fix introduced in version version 1.05 unintentionally breaks uploading so version v1.0.7 is the fixed version. This is patched by implementing Double submit. The CSRF...
CVE-2020-13522
PUBLISHED: 2020-08-04
An exploitable arbitrary file delete vulnerability exists in SoftPerfect RAM Disk 4.1 spvve.sys driver. A specially crafted I/O request packet (IRP) can allow an unprivileged user to delete any file on the filesystem. An attacker can send a malicious IRP to trigger this vulnerability.