Threat Landscape Update: Distributed Denial of Service Attacks
Tuesday, December 21, 2021
Distributed Denial of Service Attacks

December 2021 has brought with it holiday cheer and an uptick in distributed denial of service attacks (DDOS) attacks. DDOS attacks are fast becoming a new tool in the extortionist threat actor’s toolkit. DDOS attacks are attractive because they don’t require attackers to actually hack into a company’s systems. Instead, a DDOS attack targets a website or other online service. The attacker attempts to flood a targeted service with traffic by using numerous compromised computer systems, including IoT devices, as sources of attack traffic. Think of a DDOS attack like your home phone from the 1980s. If multiple callers are constantly calling your number, legitimate callers will get a constant busy signal. The goal, of course, is to get a company to pay the threat actors to stop the attack and resume normal operations.

GT has seen this increase in two primary ways. First, as an add-on to a ransomware attack. Ransomware attacks have evolved over the past several years beyond simply encrypting a company’s servers and endpoints, to increasingly exfiltrating and threatening to publicly post or sell company data, to now threatening and/or committing DDOS attacks. Second, certain threat actors are skipping the ransomware attack and heading straight to the threat of a DDOS attack.

Fortunately, some of these threat actors are bluffing and lack the resources to conduct a full-blown attack. They may instead hit a company’s network with a short burst of traffic, and then will use that burst to suggest they have much more firepower behind them. Others, however, are conducting full-blown attacks.

More from Greenberg Traurig, LLP