Incident Response, TDR

Businesses threatened with DDoS extortion attack

The Internet Crime Complaint Center (IC3) issued an alert on Friday about extortion campaigns that threaten businesses with a distributed denial-of-service (DDoS) attack unless a ransom is paid.

The threat typically comes through an email, and the ransoms vary in price, although they're usually demanded in Bitcoin, the IC3 announcement states. If victims don't pay the ransom they will receive another email claiming that the amount due will increase.

If a DDoS attack was initiated, it consisted mostly of Simple Discovery Protocol (SSDP) and Network Time Protocol (NTP) reflection/amplification attacks. Most attacks lasted one to two hours with 30 to 45 gigabytes as the physical limit.

The FBI believes multiple people are involved in these campaigns and that the campaigns will spread to online industries and other targeted sectors.

The agency recommends not communicating with the subject and implementing DDoS mitigation solutions preemptively.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.