Richard Hummel, a threat research lead at Netscout, a cybersecurity, service assurance and business analytics solution provider, discusses three prominent DDoS threat actors of 2021. Distributed Denial of Services (DDoS) extortion campaigns are typically custom-built attack techniques that threaten internet resources. The attacks have been directed at financial and travel industry sectors. However, Hummel said manufacturers of personal care products, energy providers, retail and IT-related vendors are also targeted.
Compromised machines, called Zombies or Handlers, send packets through the network to exhaust communication or computational resources. The variety and number of both the attacks and the defense approaches are overwhelming. That most of these threats do not materialize into actual attacks or are successfully mitigated can be no small comfort relative to the potential reliability risk for manufacturing plants.
The three DDoS attacks named in this video clip are:
- Lazarus Bear Armada: Attackers demand a ransom in exchange for stopping a DDoS attack. Extortionists targeted multiple verticals worldwide. An attack on the New Zealand Stock Exchange is one example.
- Fancy Lazarus: An extortionist campaign that targeted authoritative DNS servers of wireline broadband access ISPs in the UK and Scandinavia. The attack is characterized as “somewhat successful” due to the unpreparedness of a few network operators.
- REvil ransomware: An aggressive series of attacks masquerading as the REvil ransomware group targeted SIP/RTP VoIP operators in the U.K., Western Europe and North America. One VoIP wholesaler filed a form with the U.S. Securities and Exchange Commission (SEC) estimating the total cost of the DDoS attack at between $9 and $12 million.
Click here to access the Netscout Threat Intelligence Report.