Trick or Bitcoin! Ransom DDoS in the Financial Market


Hackers always find new ways to make their attacks more effective and powerful, and sometimes they modify existing attacks. Recently, ‘Ransom DDoS (Distributed Denial of Service)’ attacks targeting the financial sector have become very popular, so in this blog we’re going to take a look at ransom DDoS threats that demand money and at ways to prevent them.


Threat first, then Attack 

Ransom DDoS, at first glance, is a cyberattack with a similar name to ransomware. Ransomware is a combination of ‘ransom’ and ‘software’: a cyberattack that encrypts PCs and data and then asks for money, such as bitcoin. Ransom DDoS gets its name in a similar way, because hackers ask for money before they actually launch a DDoS attack. In the attack itself, they use multiple computers at the same time to generate massive amounts of traffic to a specific website or server in order to paralyze it. For corporations, the attack temporarily suspends the service, causing not only financial damage but also harm to the image of the brand and company.


Attacks During the Holiday

During a holiday period in September, most of the major banks in South Korea received cyber threats such as emails asking for bitcoins worth tens of thousands of dollars. Just before this, in August, three other banks were hit by DDoS attacks after receiving threatening emails. Luckily, because the attacks happened in the financial sector, services were not severely disrupted, thanks to the cyber shelter provided by the Financial Security Agency. However, due to the pandemic, stricter security measures must be taken in order to allow employees in those sectors to safely work from home. In addition, if the hackers’ ransom DDoS attacks continue to fail, there is a possibility that they will evolve into stronger attacks. Compared to older DDoS attacks, they are becoming more difficult to deal with because of the massive traffic generated at once.


How to Prevent 

The core of ransom DDoS lies in the attack itself. If you can respond well to DDoS attacks or prevent them, you can stop the cyberattack without responding to the ransom demand (blackmail). DDoS attacks are also highly frequent, accounting for about 62% of electronic financial infringement incidents in the past 5 years. So how do we actually stop the attack?

Because DDoS attacks generate massive amounts of traffic simultaneously through bots, it’s necessary to distinguish between normal and abnormal traffic patterns. DDoS attacks must be quickly identified and responded to based on data on normal traffic patterns and sizes. This is usually done by DDoS attack defense solutions.
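
The baseline comparison described above, as an added example (not code from the original post or from any product it names): it learns a per-minute request baseline from normal traffic and flags minutes that far exceed it. The log format, the function names, the learning window and the threshold factor `k` are assumptions, and the log lines are constructed.

```python
from collections import Counter
from statistics import median

def build_sample(burst=True):
    """Constructed log lines "HH:MM source_ip path" (not real traffic)."""
    lines = []
    for minute in range(10):                      # normal: 40-50 requests/minute
        for i in range(40 + (minute % 3) * 5):
            lines.append(f"10:{minute:02d} 198.51.100.{i % 50} /login")
    if burst:                                     # flood from many sources at once
        for minute in (10, 11):
            for i in range(600):
                lines.append(f"10:{minute:02d} 203.0.113.{i % 200} /login")
    return lines

def per_minute(lines):
    """Count requests and collect distinct sources for each minute."""
    counts, sources = Counter(), {}
    for line in lines:
        minute, ip, _path = line.split()
        counts[minute] += 1
        sources.setdefault(minute, set()).add(ip)
    return counts, sources

def baseline(values):
    """Median and MAD: robust to a few odd minutes inside the learning window."""
    med = median(values)
    mad = median([abs(v - med) for v in values]) or 1.0   # avoid a zero spread
    return med, mad

def detect(lines, learn=8, k=6.0):
    """Return (minute, requests, distinct_sources) for minutes above baseline."""
    counts, sources = per_minute(lines)
    minutes = sorted(counts)
    med, mad = baseline([counts[m] for m in minutes[:learn]])
    threshold = med + k * 1.4826 * mad            # 1.4826 scales MAD to ~1 sigma
    return [(m, counts[m], len(sources[m]))
            for m in minutes[learn:] if counts[m] > threshold]

if __name__ == "__main__":
    for minute, requests, srcs in detect(build_sample()):
        print(f"{minute}: {requests} requests from {srcs} sources exceeds baseline")
```

The distinct-source count separates a distributed flood from a single noisy client, which calls for a different response (per-source rate limiting rather than upstream scrubbing).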

In particular, since many web attacks, including DDoS attacks, occur at the application layer, it’s important to implement a web application firewall. Penta Security’s intelligent web application firewall WAPPLES and Cloudbric’s web application firewall service effectively defend against DDoS attacks. Penta Security’s WAPPLES is equipped with a function to block DDoS attacks at the application level and has been the No. 1 market share leader in the APAC region for 12 consecutive years.

Cloudbric’s web application firewall is a cloud-based solution. With a simple DNS change, you and your organization can effectively protect your website from DDoS attacks. It’s aimed mainly at private and small businesses, which can use it at a reasonable price. Moreover, Cloudbric’s DDoS advanced solution is designed for DDoS attacks of 20Tbps or less. As DDoS attacks over 2Tbps haven’t occurred anywhere in the world yet, these advanced solutions help users operate a stable website by effectively defending against rapidly advancing DDoS attacks.

In addition to these security products and solutions, if your government agency provides a Cyber Shelter, that could also be an option for you. Cyber Shelter is a service that, once registered, enables companies that meet the conditions to bypass the service in the event of a DDoS attack. Lastly, individuals should also check regularly whether their computers are infected with malicious code or are being exploited for DDoS attacks. Computers sometimes become zombie computers without their users noticing, which makes them very easy to exploit for DDoS attacks.

If you decide not to meet the hackers’ demands, the attacks that follow a ransom DDoS threat are pretty predictable. As such, it’s one of the attacks that can be prevented without much difficulty through an appropriate and proactive response. However, not all DDoS attacks follow the same pattern. Therefore, we must prepare an effective response by establishing a security strategy and solution that can prevent various attack patterns.

