Underway is a campaign by cyber criminals using the threat of DDoS attacks for extortion, unprecedented in its scope and scale.
The FBI has warned US companies that thousands of organizations across the world, from various industry sectors, have been threatened with DDoS attacks within six days unless they pay a ransom of anywhere between 10 and 20BTC ($113,000-226,000).
According to researchers at Akamai, the latest attacks attempt to leverage the reputations of two famous hacker groups: Fancy Bear and Armada Collective.
The FBI recommends companies use DDoS mitigation services to identify and block such attacks automatically before their networks are affected.
Making a DDoS Protection Plan
When a DDoS attack strikes, having a DDoS protection plan in place will make the difference between organization-wide panic and an orderly and timely response that keeps business as usual.
This whitepaper from Akamai lays out eight best practices for building and maintaining a DDoS protection plan. With it in place, companies can prevent damage from attacks.
Largest DDoS attack: 1.3 TBPS
This attack set the record for the largest attack mitigated by Akamai.
Popular vectors: UDP/DNS/NTP
UDP fragment floods are used in nearly a third of all DDoS attacks.
Cost per company per year: $1.5 million
Customer-facing revenue losses exceed costs in each of four other areas.
Read more at Akamai’s DDoS Resource Center.
Take Action: Before, Not After
Emergency DDoS mitigation can be deployed within an hour in typical cases, but that will be after an unprepared organization has accumulated hours or days of downtime and chaos.
The best way to avoid DDoS downtime is to implement a DDoS protection plan before your organization is targeted by a DDoS attack.
Featured image via Bleeping Computer