Ransomware attackers are using DDoS to increase the tension


Ransomware hackers are always seeking new ways to convince their victims to pay the ransom. The more stress attackers can impose on their victims, the more likely their demands will be granted. A DDoS assault is one method that is increasingly being used in conjunction with a typical ransomware campaign. NETSCOUT, a cybersecurity firm, highlighted this trend in a study issued last week and gave some recommendations on how to better secure your enterprise.

In a DDoS (Distributed Denial of Service) attack, the attacker floods a website with intense web traffic over a long period of time. The objective is to overload the web server to the point where it cannot respond to legitimate visitor requests.

In the most recent strategy, hackers who sell ransomware-as-a-service campaigns include a DDoS assault as an extra service. “It’s a little bit ransom, a little bit of DDoS extortion, and a lot of trouble,” explained NETSCOUT.

This adds another difficult issue for the targeted company to deal with. By combining file encryption, data theft, and DDoS attacks, the attacker hopes to increase the pressure on the victim and force them to pay the ransom.

According to Bleeping Computer, ransomware operators such as SunCrypt and Ragnar Locker were early adopters of the DDoS trick. Avaddon and Colonial Pipeline attacker DarkSide are two other groups that have used this technique.

NETSCOUT recommends the following measures to defend your company from ransomware attacks that use a DDoS tactic:

  • Concentrate on the fundamentals: Make sure to back up all of your essential data on a regular and secure basis. Then, test the data recovery procedure to confirm that you can restore the backed-up files. Conduct vulnerability assessments to identify security flaws. To avoid exploitation of known vulnerabilities, patch and upgrade your computer systems.
  • Prevent network breaches: Ransomware attacks begin with network compromises. Hence, you must ensure that your users are trained on appropriate cybersecurity hygiene. You must also safeguard your network with endpoint security solutions capable of detecting malware, suspicious or anomalous activities, and indicators of compromise (IoCs).
  • Make use of threat intelligence: Keep up with the most recent threat intelligence reports. This information can assist you in detecting, investigating, and looking for IoCs that could be a precursor to a ransomware assault.
  • Install the appropriate DDoS defence.