Hackers are increasingly using Ransomware and DDoS attacks to extort money from businesses and individuals, a recently published report says.
In the report by Radware, a cyber security firm, it is pointed out that the motivation to profiteer has now fully replaced the need to make a political statement or steal information as the reason as to why hackers carry out attacks nowadays.
It is now clear that hackers are solely motivated by the prospect of making money from businesses and governments by threatening them with or carrying out Ransomware or DDoS attacks,’ the report reads in part.
It appears that criminals have realised the ease with which they can make quick money by using Ransomware or DDoS attacks. The report notes that criminals are favouring these methods because they find them easy to use and manage within a very short time.
Ransomware attacks use special forms of malware that can lock a system and deny a genuine user access to data. Criminals can remotely inject a computer with the malware, thus forcing a business or individuals to get in touch with them to decrypt the data stored on the system.
Given the capacity of Ransomware attacks to disrupt the daily operations of a business or organisation, criminals favour the method because organisations are likely to respond fast to avoid the associated disruptions, the report notes.
Similarly, it has been noted that DDoS attacks are another favourite of criminals because of their effectiveness.
‘Cyber criminals can successfully extort money from an organisation by threatening it with a DDoS attack and even going further and carrying out a small-scale attack as a warning shot,’ the report notes.
In a typical attack, criminals demand that they are paid in the form of bitcoins, with a single attack attracting a maximum of about 200 bitcoins, which is an equivalent of $3,600, the report further notes.
Interestingly, it has been pointed out that other small time criminals are taking advantage of the situation by threatening to launch attacks against organisations in a bid to make money, thus complicating the situation further. Therefore, whereas serious criminals target organisations that are known to handle sensitive information and cannot risk losing their data, wannabe cybercriminals are likely to target any organisation that they feel they can successfully exploit, the report notes.