ransomwares and ddos attacks

Ransomware and DDOS attacks: an eye on cyber threats

What are ransomwares and DDOS attacks? Let’s get closer

Ransomwares and DDOS attacks are a very serious matter. One of the biggest changes witnessed in the cyberthreat landscape is the increasingly agile nature of malware. While older threats such as DDoS and amplification attacks continue, emerging and highly sophisticated threats such as Locky ransomware are wreaking havoc on individuals and businesses.

DDoS attacks

Ransomwares and DDoS attacks as a category holds many disguises and continues to evolve, becoming challenging to detect and mitigate. What makes matters worse is that the internet is filled with poorly engineered networks, open resolvers and DNS proxies, creating platforms for attackers to penetrate and launch attacks.
Better network viewpoints are required to efficiently detect and mitigate the elaborate world of cybercrime.

Basically, it is the easiest way to attack a server by a huge amount of requests, knocking it down.

Pseudo Random Subdomain Attacks

PRSD attacks are known to be fast and furious.

Pseudo Random Subdomain (PRSD) attacks began to surface in 2014. They are an emerging style of DNSbased DDoS attack that threatens the DNS infrastructure.

Similar to amplification attacks, the approximately 20 million open DNS proxies in consumer home gateways are utilized as an attack tool, but unlike amplification attacks, PRSD attacks directly target authoritative DNS servers without spoofing the source of the queries.

This style of attack poses mitigation challenges as traffic between the resolver and authoritative server appears legitimate. As a result, many mitigation techniques employed to combat amplification attacks cannot be used to mitigate PRSD attacks.

Meet Locky, the spiteful ransomware

Locky is a notorious crypto ransomware enhanced by the ToR network and Necurs botnet infrastructure. It operates with the methodology “I’ve got the lock but do you have the key?” and has had a lot of success with a surprisingly high infection rate.

Isn’t it enough? Locky infects nearly 100,000 devices per day, of which 3% submit payments.

Cybersecurity experts estimate that Locky possesses 17 percent of the entire market share for all ransomware infections.

These are some of cyber threats, in you want to know more you can read the Nominum Data Science Security Report.


See the full report here: telecoms.com