The Internet Crime Complaint Center (IC3) has issued an alert regarding an increasing number of complaints from businesses hit by Distributed Denial of Service extortion campaigns via email. The FBI said it suspects multiple individuals are involved in these ransom plots.
In a typical extortion campaign, the targeted business receives an email threatening a DDoS attackon the company’s website unless it pays a ransom. Ransoms, which are usually demanded in Bitcoin form, vary in price.
The FBI, which established the IC3 in partnership with the National White Collar Crime Center, warned that the attacks are likely to expand to online industries and other sectors, especially those susceptible to suffering financial losses if they are taken offline.
According to the cybersecurity intelligence firm LIFARS, DDoS attacks overwhelm targeted websites with bogus traffic, preventing legitimate users from accessing the website. Businesses that rely on online sales and other types of web-based services are at risk of losing money after such an attack.
Victims that do not pay the ransom receive a subsequent, threatening email claiming that the ransom will significantly increase if the victim fails to pay within a given timeframe. Some businesses reported implementing DDoS mitigation services as a precaution.
Threats vary from disrupting a firm’s website, preventing customers from accessing it, to notifying victims that they will release personal data, which criminals obtain by hacking into the firm’s database.
Businesses that experienced a DDoS attack reported the incidents consisted primarily of Simple Discovery Protocol and Network Time Protocol reflection/amplification attacks, with an occasional SYN-flood and, more recently, a WordPress XML-RPC reflection/amplification attack. The attacks typically lasted one to two hours, with 30 to 35 gigabytes as the physical limit.
DDoS attacks are becoming increasingly potent and are some of the most frequent types of cybersecurity incidents – 18% of respondents cited the attacks in a U.S. State of Cybercrime Survey, a collaborative effort between PwC, CSO, the CERT Division of the Software Engineering Institute at Carnegie Mellon University and the U.S. Secret Service.
And, a Verisign report found that DDoS attacks against the financial services industry doubled during Q4 2014 to account for 15% of all attacks. During Q1 2015, 18% of DDoS attacks took place within the financial services industry.