Attack the Florists on Valentine’s

Hello florists and everybody else,

About a dozen of websites of florists have been targeted with DDoS attacks on the run up to Valentine’s day, in an attempt to extort money.

According to the Security researchers Ofer Gayer and Tim Matthews, during the week leading up to 14 February, there was an increase in bottraffic to online florists.

“Ninety-one percent of the sites showed attack traffic during that period…Of those sites, 23 percent showed a sharp increase in attack traffic. There does not appear to be a trend in attacks against all online florists, but rather targeted attacks. In fact, one of our customers reported receiving a ransom note.”

In one case, an online florist has came on board after it experienced an application layer DDoS attack.

“The company’s CDN provider interpreted the traffic as real user sessions, which exceeded the site’s contracted cache capacity. This caused the provider to route the attack traffic to their origin servers. This ultimately brought the site down with a great loss of revenue,” they said.

As Stephanie Weagle, vice president of Corero Network Security said  “Attackers know when and how to hit where it hurts the most; targeting florist websites during one of their busiest Holidays is not a coincidence. Knocking a revenue generating web site or application offline with a DDoS attack is not a difficult task, and we see real-world examples of these instances regularly,”

Most organisations only take reactive approaches to DDoS attacks and it’s not enough.  Distributed Denial of Service (DDoS) attacks are growing in both frequency and sophistication. Organisations can take relatively simple steps to reduce their exposure to DNS-based DDoS attacks.

The experts say that the scale and duration of the attacks are both increasing, as is the sophistication. “The timing of DDoS attacks certainly shows that criminals are aware of when their actions will prove to be most effective but that’s more common sense than a display of higher intelligence.”

If a company is being held to ransom by a criminal DDoS gang it should inform law enforcement immediately and issue a statement to its customers where industry practice allows, they explained.

Source: Akati

Comments are closed.