Random UTF-8 characters


02 Apr 2016 in attack, DDoS

The Threat

I honestly can't believe it happened. My company got a Distributed Denial of Service (DDoS) attack ransom note.

The note

The note itself was short and to the point. Send us X Bitcoins or we attack you. If you do not comply by Z date the price will go up every day by Y while we attack. The message was sent via an encrypted anonymous email service.

The Ransom

They are rather smart about the ransom amount. It's not a crazy impossible sum of money. It's right at the point where if you didn't know better you might think about paying it.

Is it real?

The first question we had to ask ourselves was: is this a legitimate threat? The answer is impossible to know conclusively.

It could just as easily be a copycat using the same email without the intent to ever attack. It could be a script kiddie with a few rudimentary tools at their disposal. It could also be the group the email claims it is.

After comparing the ransom note to others, it seems probable that it may be legitimate.

Even if there is a 5% chance this is real we have to act on it. Like most small companies, a day of outage would not be acceptable. It is just not a chance you want to take.

What to do?

First things first: Whatever you do, do not pay the ransom. Why? Even if it did stop the attack, what's to say they won't be back asking for more? You'll just be added to a list of people who will pay up. The threats will never stop. If you give a bully your lunch money, they will come back for it every day.

You should get yourself protected. There are a ton of companies that provide DDoS protection. While this does cost a bit of money, it is worth the peace of mind.