Cyber Security Today – More ransomware gangs now using DDoS attacks, more data thefts and an ADT technician admits spying on women

/in


More ransomware gangs now using DDoS attacks, more data thefts and an ADT technician admits spying on women

Welcome to Cyber Security Today. It’s Monday January 25th. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com. To hear the podcast click on the arrow below:

There’s a new ransomware tactic going around: Launching distributed denial of service (DDoS) attacks against websites, then demanding organizations pay up to get decryption keys for scrambled data or the attack will continue. Denial of service attacks are like someone knocking on a door for hours. The door is a website. Too many knocks and the website crashes, and the organization has trouble doing business. Last fall the Bleeping Computer news service said two ransomware gangs started using this strategy. Now, it says, a third gang is doing it.

Organizations used to ignore ransomware attacks by restoring data from backups. Then gangs began stealing data in addition to encrypting it, as extra leverage: Pay for decryption keys to unscramble the data or you’ll be embarrassed by the release of the stolen data. The distributed denial of service attack is a variation of this threat.

Organizations should consider adding denial of service defences to their cybersecurity strategies. Typically these services blunt denial of service attacks by spreading the huge wave of knocks across the Internet.

Separately a security firm called Radware warned last week that other gangs continue to launch denial of service extortion attacks against websites and demand bitcoin to stop. These gangs don’t use ransomware. Their weapon is the denial of service attack alone.

Where do denial of service attacks come from? They come from huge numbers of internet-connected devices like computers that are unknowingly infected and chained together into a botnet that a crook can weaponize. Then the power of thousands or tens of thousands of devices are fired at a web site. Those devices usually get infected because they haven’t got the latest security updates installed, or they haven’t been configured right. Last week a security vendor called Netscout warned that Windows computers that haven’t properly secured their…

Source…