Category Cybersecurity

In the past weeks, various financial organisations over the world have been on the receving end of Distributed Denial of Service (DDoS) extortion attacks, with disruption to their online service.

 

According to an international anti-DDoS service provider, the attackers would target multiple sectors, including finance, travel, and e-commerce. They would first contact their targets by sending ransom emails, warning of an impending DDoS attack against their company unless a ransom is paid in Bitcoin. The attackers would utilise various attack vectors, such as ARMS, DNS Flood, GRE Protocol Flood, SNMP Flood, SYN Flood, and WSDiscovery Flood attacks, to launch DDoS attack traffic at almost 200 Gb/sec (equivalent to send 40,000 mp3 songs in a second). Also, they would cunningly change attack tactics, such as application attacks and spoofed attacks, to bypass the security protections of their targets.

 

HKCERT urges local companies to stay vigilant and pay extra attention to DDoS extortion attacks, and adopt the following advice for a better defence of such attacks:

  1. Ensure your organisations get prepared with a related contingency plan and playbook for DDoS incident;
  2. Ensure network monitoring and security detection are in place and ready to carry out immediate incident response if any abnormal network activities are detected;
  3. Harden the network infrastructure and minimise the points of exposure to the Internet;
  4. Consider DDoS protection solution or service to defend against DDoS attacks;
  5. Do not pay the ransom;
  6. Report to HKCERT for coordination with ISPs on blocking attacker IP addresses (if identified);
  7. Contact HKCERT at 8105 6060 for enquiry or assistance.

 

Reference

  1. https://blogs.akamai.com/sitr/2020/08/ransom-demands-return-new-ddos-extortion-threats-from-old-actors-targeting-finance-and-retail.html
  2. https://www.welivesecurity.com/2020/08/27/ddos-extortion-campaign-targets-financial-firms-retailers/

[ad_2]

Source link

Is your business effected by Cyber Crime?

If a cyber crime or cyber attack happens to you, you need to respond quickly. Cyber crime in its several formats such as online identity theft, financial fraud, stalking, bullying, hacking, e-mail fraud, email spoofing, invoice fraud, email scams, banking scam, CEO fraud. Cyber fraud can lead to major disruption and financial disasters. Contact Digitpol’s hotlines or respond to us online.

Digitpol is available 24/7.

Email: info@digitpol.com
ASIA +85239733884
Europe +31558448040
UK +44 20 8089 9944