A new form of cyber crime is rearing its ugly head on the internet. It’s called DDoS extortion or DDoS ransom. Like the very popular ransomware attacks that demand money before victims can regain control of compromised systems, DDoS ransom attackers demand money, usually in the form of untraceable Bitcoins, to halt or prevent a DDoS attack on a web site. For many businesses, web sites have become the main platform for sales, but a DDoS attack on a site could knock it out for quite some time, forcing the owners to forgo any business that could have been done in the meantime. Below is an example, provided by AT&T, of what a DDoS ransom letter looks like:
Please forward this email to someone in your company who is allowed to make important decisions!
We have chosen your company as a target for our next DDoS attack.
All of your servers will be subject to a DDoS attack starting Friday.
Right now we are running a small 1 hour demo attack to prove that this is not a hoax.
What does this mean? This means that your website and other connected services will be unavailable for everyone; during the downtime, you will not be able to generate any sales. Please also note that this will severely damage your reputation among your users / customers as well as strongly hurt your Google rankings (worst case = your website will get de-indexed).
How do I stop this? We are willing to refrain from attacking your servers for a small fee. The current fee is 15 Bitcoins (BTC). The fee will increase by 15 Bitcoins for each day that has passed without payment.
What if I don’t pay? If you decide not to pay, we will start the attack at the indicated date and uphold it until you do, there’s no counter measure to this, you will only end up wasting more money trying to find a solution. We will completely destroy your reputation among Google and your customers and make sure your website will remain offline until you pay.
Do not reply to this email — don’t try to reason or negotiate — we will not read any replies. Once you have paid we won’t start the attack, and you will never hear from us again!
Please note that Bitcoin is anonymous, and no one will find out that you have complied.
In response to the DDoS ransom note above, AT&T writes “The story of this extortion attempt had a happy ending. By teaming up with AT&T services, the organization was prepared for just such an attack and able to completely block the effects of the attacker’s threats.” AT&T and many other companies provide services that can prevent or minimize the effects of such attacks. No business owner wants to spend their precious time dealing with such a nuisance.
The Denial of Service Underground: DDoS Perpetrators and Attacks Exposed