Last month I published a post about the surge in ransom-driven DDoS attacks against Corero’s customers.
“Over the last thirty days, roughly 10% of Corero’s customer base has been faced with extortion attempts, threatening to take down their websites and services unless they pay out various Bitcoin ransoms. Through the observation of attack traffic targeted at Corero customers from mid-September 2015 to date, and validation with specific customers, we have observed a significant rise in extortionists utilizing DDoS attacks to secure Bitcoin payments from targeted victims.”
Just yesterday, the media was buzzing with news that ProtonMail, a Switzerland-based encrypted email provider, had succumbed to a DDoS-related Bitcoin ransom attack. ProtonMail has confirmed that they were taken offline by a series of DDoS attacks that were “quite unprecedented in size and scope.”
According to statements made by the company, the severity of this coordinated attack impacted the company's upstream ISP, additional routers in other locations, and hundreds of other companies. The collateral damage was felt far beyond the availability of the ProtonMail services. Finally, after hours of working to defeat the attack to no avail, the ransom was paid in hopes that the attacks would subside:
Organizations, regardless of industry, need to be proactive in their DDoS defense strategies. Paying out a ransom to stop an attack is not a scenario that any organization should have to deal with. As DDoS attacks continue to become more complex, more frequent and more adaptive in nature, traditional IT security infrastructure doesn’t stand a chance when it comes to proper protection for your business. Organizations must begin to look at DDoS as a threat vector that requires a dedicated detection and mitigation solution as part of an overall layered security strategy. Proper DDoS mitigation combines real-time, automatic detection and mitigation, deployed at the Internet edge to defeat the growing threat of DDoS before it can impact the targeted environment.