The closing months of 2021 saw a flurry of ransomware cases involving distributed denial of service (DDOS) attacks.
DDOS attacks are popular with criminals because they don’t require an actual hack of a company. They simply jam the system so that the network becomes overloaded. Then the threat actor demands a ransom payment to unlock the system.
“A DDOS attack targets a website or other online service,” writes cybersecurity lawyer Jena M. Valdetero. “The attacker attempts to flood a targeted service with traffic by using numerous compromised computer systems, including IoT devices, as sources of attack traffic. Think of a DDOS attack like your home phone from the 1980s. If multiple callers are constantly calling your number, legitimate callers will get a constant busy signal. The goal, of course, is to get a company to pay the threat actors to stop the attack and resume normal operations.”
Are you taking advantage of the valuable resources available through the Alta Pro Risk Purchasing Group (RPG)? If not, register here and start enjoying the benefits. When your law practice has professional liability coverage through Alta Pro Insurance, you’re automatically enrolled in the RPG. Among the benefits: free, cutting-edge CLE webinars featuring top experts tackling timely topics; the Pro Practice Playbook; the Pro Practice Blog; Reminger’s ProLink risk management assistance; Reminger’s Claim Repair Hotline; discounts on CLIO practice management software; and access to the Risk Pro, who can help keep your firm safe and successful. Stay ahead of the curve with Alta Pro Risk Purchasing Group.
DDOS campaigns are becoming a go-to strategy for cyber-extortionists, according to Valdetero, a shareholder with Greenberg Traurig. They usuallt take one of two forms:
“First, as an add-on to a ransomware attack,” she writes. “Ransomware attacks have evolved over the past several years beyond simply encrypting a company’s servers and endpoints, to increasingly exfiltrating and threatening to publicly post or sell company data, to now threatening and/or committing DDOS attacks. Second, certain threat actors are skipping the ransomware attack and heading straight to the threat of a DDOS attack.”
Sometimes, the threat is a bluff.
“Fortunately, some of these actors are bluffing and lack the resources to conduct a full-blown attack,” according to Valdetero. “They may instead hit a company’s network with a short burst of traffic, and then will use that burst to suggest they have much more firepower behind them. Others, however, are conducting full-blown attacks.”
Want a discount on Clio practice management software products? You’re eligible if you practice in Wisconsin, Texas, Minnesota, Ohio, Illinois, Indiana or Michigan and are a member of the Alta Pro Lawyers RPG. In addition to Clio discounts, you’ll get access to free webinars, the Pro Practice Playbook, Reminger ProLink, Ask the Risk Pro and more. Here’s how to join.