CyNexLink Blog • September 7, 2017
Despite an assemblage of lurking cyber threats, distributed denial of service (DDoS) attacks and ransomware are considered to be paramount concerns for a business.
Attacks are becoming more common, like the WannaCry ransomware attack in May that targeted computers running the Microsoft Windows operating system. That attack encrypted the data of users so they couldn’t get to their information unless they paid a Bitcoin ransom.
Cyber criminals are more readily employing this tactic of infecting machines with crypto-ransomware and holding the files hostage or launching a DDoS attack until payment is made.
An attack on a business could be crippling and even fatal to its future.
Encrypting data files could result in their permanent loss and paying the ransom could cost a business tens of thousands of dollars.
Even more troubling is how DDoS attacks can be used in conjunction with a ransomware attack. DDoS attacks are when a machine(s) becomes unusable when a cyber crook disrupts the services of a host connected with the web. This is usually done by flooding the machine with requests, which overloads the system.
These attacks can disguise a ransomware attack. DDoS attacks generally can last about 5 minutes, which may seem insignificant, yet, it may take only seconds for the hackers to take critical security structures offline, like firewalls or intrusion prevention systems.
While IT staff attempt to combat the network issues, hackers can inseminate the network with ransomware.
Most cyber security strategies seem to focus on coping with the outfall of a ransomware attack, but it would be prudent on businesses to work on preventing them from ever occurring. Being proactive is key when it comes to protecting a company from a crippling cyber attack.
A desirable protocol would be to install DDoS protection hardware that detects and blocks attacks from happening. This solution, and others, should be discussed with qualified professionals that can help come up with a strategy that best protects a business from the ever-common ransomware and DDoS attacks.
Here’s a breakdown from Craig Young, a cybersecurity researcher with security firm Tripwire:
“In my opinion, businesses are best to never pay DDoS extortionists and instead are better served saving that money for DDoS mitigation services from reputable firms. Since a DDoS involves flooding a target with junk messages until the communication lines are so full of junk that there is no room left for the legitimate messages, the solution often is to acquire really big communication lines and position servers all around the world, making it less likely that an adversary could overwhelm them.”
Next Steps to Take