Ransomware and RDoS (Ransomware Denial Of Service or Ransomware DoS) have a common objective and some of their tactics overlap, but techniques and success rates vary wildly.
Ransomware
With ransomware attacks, which use a crypto-locking malware that destroys systems and makes data inaccessible. that malware needs to be deployed on servers inside the organisation, from where they can wreak havoc. Initial Access Brokers often make the initial access, then sell that access to ransomware gangs.
Ransomware DoS
Unlike ransomware attacks, RDoS attacks do not breach networks or systems and no data is stolen or compromised. Instead, attackers disrupt online services such as websites, domain name services, Internet access and web APIs as well as voice, email and remote access systems to affect an organisation’s productivity and reputation.
| 2021 ransomware / RDoS stats (all currency in USD) | Ransomware | Ransomware DoS |
| Objective | Financial gain | Financial gain |
| Tactic | Extortion | Extortion |
| Primary technique | Crypto-locking | DDoS |
| Impact | Permanent (until recovered) | Transient (while attack lasts) |
| Ransom currency | Bitcoin | Bitcoin |
| Average ransomware demand | $5.3 million average | $5,000 up to $1 million |
| Average ransom payment | $570,000 | ~ $0.0 |
| Largest payout | $40 million | $6,000 in 2015 |
| Success rate | 70& | Very low |
| Estimated damage cost | $1.85 million average | $9 to 12$ million |
| Defence | Defence-in-depth, segmentation to limit impact, but no silver bullet | Adequate DDoS protection service |
Defence
RDoS attacks are relatively easy to defend if you deploy an adequate DDoS system. Ransomware, is very hard threat to defend against and eliminate, especially as operators have now developed sophisticated ecosystems where they all share in the profits, and it is a very attractive business to be in, and human-driven attacks are becoming at least as popular as bot-driven.
Source: Radware
Join Informed Sauce’s ransomware awareness session tomorrow, 2 December in London. Short talks from the Met Police’s Cyber Crime Unit, Commvault and Infinidat will be followed by a room-wide, moderated open forum discussion on how to combat the scourge of cyber crime and best protect your business.
For details and to sign up, visit the event microsite – https://informedsauce.com/events/infinidat/anatomy-of-a-ransomware-attack