Cyber-extortion is a widespread problem not only in the online gaming market as well as the financial sector where downtime and reputational damage can result in large bills. In a survey conducted last month amongst 100 UK businesses 47% of larger companies over 3000 employees that had experienced a DDoS attack attributed the motive for the attack to financial extortion.
Ashley Stephenson, CEO of Corero Network Security, said: “Ransom demands on businesses are not uncommon. As a company that is on the front line – stopping the distributed denial of service attacks that take websites down and lead to financial and reputation loss – we are often called in when these attacks are underway. Like the alleged attack on bookies, ransom demands are often in the order of tens of thousands of pounds and can originate from Eastern European countries and other nations where it is hard to track to the perpetrators. Many organisations, especially gambling companies that each minute of downtime is often equated to significant revenue loss, may feel compelled to pay the ransom. But paying up, as they have learned, is just an invitation for future attacks and we often see attackers threatening to launch these DDoS attacks for repeated financial gain. As well, many companies do not report the threats for fear of reprisal and negative publicity. As attackers are increasingly savvy and realise that traditional technology is easily bypassed, therefore making attacks relatively simple to carry out, organisations need to implement new technologies at the perimeter to stop these revenue and reputation damaging events before they occur. There are other examples where we have been called in after the company receives the original cyber threat and we’ve installed our technology in time to call the cyber-extortionist’s bluff and stop the attack.”