Ransomware & ransomware DoS: similar but different

Ransomware and RDoS (Ransomware Denial Of Service or Ransomware DoS) have a common objective and some of their tactics overlap, but techniques and success rates vary wildly.


With ransomware attacks, which use a crypto-locking malware that destroys systems and makes data inaccessible. that malware needs to be deployed on servers inside the organisation, from where they can wreak havoc. Initial Access Brokers often make the initial access, then sell that access to ransomware gangs.

Ransomware DoS

Unlike ransomware attacks, RDoS attacks do not breach networks or systems and no data is stolen or compromised. Instead, attackers disrupt online services such as websites, domain name services, Internet access and web APIs as well as voice, email and remote access systems to affect an organisation’s productivity and reputation.

2021 ransomware / RDoS stats (all currency in USD)RansomwareRansomware DoS
ObjectiveFinancial gainFinancial gain
Primary techniqueCrypto-lockingDDoS
ImpactPermanent (until recovered) Transient (while attack lasts) 
Ransom currency BitcoinBitcoin
Average ransomware demand$5.3 million average$5,000 up to $1 million
Average ransom payment $570,000  ~ $0.0  
Largest payout $40 million$6,000 in 2015
Success rate 70&Very low
Estimated damage cost$1.85 million average$9 to 12$ million
DefenceDefence-in-depth, segmentation to limit impact, but no silver bullet Adequate DDoS protection service  


RDoS attacks are relatively easy to defend if you deploy an adequate DDoS system. Ransomware, is very hard threat to defend against and eliminate, especially as operators have now developed sophisticated ecosystems where they all share in the profits, and it is a very attractive business to be in, and human-driven attacks are becoming at least as popular as bot-driven.

Source: Radware

Join Informed Sauce’s ransomware awareness session tomorrow, 2 December in London. Short talks from the Met Police’s Cyber Crime Unit, Commvault and Infinidat will be followed by a room-wide, moderated open forum discussion on how to combat the scourge of cyber crime and best protect your business.

For details and to sign up, visit the event microsite –