Select Page

Reading Time: .

In the past few weeks, there have been increasing numbers of RDoS (Ransom Denial of Service) attacks on German banks, payment service providers, and other organizations. The attackers, posing as the Russian Fancy Bear (APT28) hacker group, are demanding that victims pay a large ransom of 100,000 euros in Bitcoin. Those who fail to comply in time with the demand for payment will be subjected to volumetric DDoS attacks.

The background: Ransom DDoS

The modus operandi of cybercriminals is by no means new. In the past few years, several large-scale RDoS campaigns have been conducted by attackers posing as internationally dreaded hacker groups. The approach is always the same: Companies first receive a blackmail letter demanding payment of a ransom in the cryptocurrency Bitcoin. At the same time, an initial DDoS attack is launched to show that the cyber extortionists should be taken seriously. If the company fails to pay the ransom within the specified time, the actual attack occurs, usually involving multiple attack vectors simultaneously: e.g., UDP, NTP, SYN floods, ACK floods, etc. Once started, these attacks normally continue uninterrupted for days. Unprotected processes collapse under the strain of the attacks and are not accessible during this time.

Who do the hackers have in their sights?

Cybercriminals are increasingly targeting larger and financially stronger companies. Providers of essential services critical to public infrastructure are also increasingly being targeted by attackers.

I have received a blackmail letter, what should I do?

  • Under no circumstances should you pay or contact the blackmailers.
  • Check your infrastructure for possible vulnerabilities.
  • Implement suitable protective measures with professional assistance.
  • Report the blackmailing attempt to law enforcement authorities.

Fast and hassle-free emergency assistance in case of attack: Myra Security is ready to help!

Myra DDoS Protection for Applications automatically protects websites, DNS, email, and VoIP on layers 3, 4, and 7. With full traffic visibility, Myra enables intelligent load balancing and site failover with high reliability and minimal response times.

Myra DDoS Protection for Data Centers automatically protects against volumetric attacks on layers 3 and 4. The protective solution is easy to implement and requires no additional hardware or software. Detailed traffic analyses (NetFlow and sFlow) are provided by automatic flow monitoring. The failover of affected networks in case of attack is also fully automated.

Myra offers an extensive portfolio with an equally competitive and flexible pricing model, ranging from on-demand operation to flat rates.

Share this article