Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Here is a Real DDoS Plus Ransomware Extortion Attack

    One of our customers received the following email today. It's a clear extortion attempt, they are threatening to execute a combined DDoS and Cerber ransomware attack. These bad guys claim to be the Armada Collective, but the original gang was arrested and are no longer in the running. However, there are copycats that have taken the Armada approach, and send this type of extortion emails to people:

    DDoS Plus Ransomware Extortion Attack

    This type of DDoS attacks has increased in frequency, scale and complexity over the past year, driven by DDoS-for-hire services, according to a new report by Imperva. And apparently they are combining the DDoS threat with ransomware as an additional headache.

    Copycats can now launch DDoS attacks for very little money, stated Imperva's DDoS Threat Landscape Report 2015-2016. The rapid growth of these services, also known as “stressers” and “booters,” accounted for an increase in the number of DDoS attacks from 63.8 percent in Q2 2015 to 93 percent in Q1 2016.

    Now, the choice is to pay or not. 

    The FBI officially recommends against it, but privately Special Agents admit that if you do not have a backup, paying the ransom is the easiest way to get your files back. This is to a large degree a business decision based on factors like:

    • Are you running on a bulletproof server that can handle a mega-sized attack?
    • Is your website is directly generating revenues? 
    • Is being offline costing you money in another way, and how much?

    Paying around 500 bucks to make them go away is an option. Refusing and possibly having to pay 10+ grand later is the other way to go. It's a risk assessment only you can make. Part of the assessment is if they are going to come back for more later, similar to the pizza parlor that pays regular protection money to the local mob.

    We have not heard about this... yet. But you can count on this happening in the future.  You better buy some bitcoin and have it available in a wallet, just in case. Many people do these days!

    Free Phish Alert Button

    When new ransomware campaigns hit your organization, it is vital that IT staff be alerted immediately. One of the easiest ways to convert your employees from potential targets and victims into allies and partners in the fight against ransomware is to roll out KnowBe4's free Phish Alert Button to your employees' desktops. Once installed, the Phish Alert Button allows your users on the front lines to sound the alarm when suspicious and potentially dangerous phishing emails slip past the other layers of protection your organization relies on to keep the bad guys at bay.

    Get your Phish Alert Button

    Don't like to click on redirected links? Cut & Paste this link in your browser:

    https://www.knowbe4.com/free-phish-alert? 

     

    Return To KnowBe4 Security Blog

    Topics: Ransomware

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews