The main purpose of a distributed denial of services (DDoS) attack is to shut down a system so that it can no longer operate. Cyber attackers achieve their goal by flooding computer networks. While DDoS attacks are mostly a way to cripple a network, the compromised network (known as the botnet) can be forced to perform operations it normally wouldn’t, explained Richard Hummel, a threat research lead at Netscout, a cybersecurity, service assurance and business analytics solution provider.
Whereas DDoS attacks trick users into giving away information, ransomware attacks tend to lock the device, computer or machine; the goal is to block the user from accessing data until a ransom is paid. These days, Bitcoins are the currency of choice.
Companies know when they’ve been hacked by ransomware because files are encrypted. “At that point you’re out of luck,” said Hummel during a screencast with Machine Design. “You either pay the ransom—which, as a security professional, I never recommend—or you recover from backups, or you wait for somebody to hack the hacker and get their encryption key so you can decrypt your data.” Either way, the goal is to extort money.
Hummel is a co-author of the bi-annual Netscout Threat Intelligence Report.