According to new data from web infrastructure and security firm Cloudflare, the amount of DDoS attacks being layered with a ransom demand are increasing significantly.
The company’s DDoS Attack Trends report for the fourth quarter of 2021 revealed a ransom DDoS attack increase of 29% for the year and a whopping 175% for the quarter.
Unlike ransomware where the hacker encrypts a victim’s systems and holds their data hostage unless they pay a ransom, a ransom DDoS attack is when a threat actor attempts to extort money from a victim by threatening a DDoS attack. If that DDoS attack is successful at crashing victim systems, it has the same effect as a ransomware attack—downtime and a loss of business.
Now, nearly one quarter of DDoS victims say attackers have sent them a letter demanding payment to stop the attacks.
In December alone, nearly one third of survey respondents reported being targeted by a ransom DDoS actor or threatened by the attacker, according to Cloudflare’s report.
The company says the fourth quarter and November were particularly active with persistent ransom DDoS attacks against VoIP providers around the world.
Although the fourth quarter of 2021 was full of ransom DDoS attacks, the attacks were far less frequent in other quarters, with just 8% in Q2, 9% in Q2 and 14% in Q1.
Cloudflare also included data from the fourth quarter of 2020 when 17% of DDoS attacks included a ransom threat.
Generally, ransom DDoS attacks spike in the fall and winter, according to Cloudflare’s data.
The company’s report cited security headlines from the past year, including the Kaseya ransomware compromise, the Log4j vulnerability and record-breaking HTTP DDoS and network-layer attacks.
“Prominent attacks such as the ones listed above are but a few examples that demonstrate a trend of intensifying cyber-insecurity that affected everyone, from tech firms and government organizations to wineries and meat processing plants,” the company said in a blog discussing the data.
According to the report, other alarming data about DDoS attacks includes:
- Manufacturing was the most attacked in the fourth quarter with application-layer DDoS attacks, recording a 641% increase from Q4 2020.
- The company says it mitigated the largest DDoS attack on record—a 17.2 rps attack from the Meris botnet.
- The fourth quarter was the busiest for network-layer DDoS attacks, with December recording more than all the attacks observed in the first two quarters.
For more information on DDoS attacks, read Cloudflare’s blog post.