Cyber criminals are getting pretty gutsy and bold. It reminds me of the swash buckling pirates…Internet style! Tech start-ups continue to get hit by extortion attempts from cybercriminals who aim to shut down their systems until companies pay their ransom. Incredible!
For several months, the FBI has been investigating a wave of denial-of-service (DDoS) attacks, against web start-ups. In each case, attackers knock their victims offline using a flood of traffic and refuse to stop until victims pay their ransom in Bitcoins.
Among the businesses targeted in the initial wave of attacks were Vimeo, the video-sharing company; Meetup, a company that connects groups offline; Basecamp, a project management software company; Bit.ly, the link-shortening service; Shutterstock, the stock photography agency, and MailChimp, the email marketing provider. In nearly every case, the amount demanded was typically low, in the $300 range. Apparently in some cases the victims paid the ransom.
Among the companies targeted in just the last month have been Feedly, a service that aggregates web content; Evernote, the productivity service; and Moz, which makes marketing analytics software. On Thursday, Move, a San Jose, Calif. start-up that provides online real estate services, was added to the list.
The attacker(s) cover their tracks using anonymity software and flooding companies from thousands of different IP addresses in the United States. Those addresses are likely to be bots, or computers infected with malware that allow the hackers to apply them to an attack.
Moz is working with other affected companies, including Feedly, but said that because each company has different infrastructure, and because the attack methods differ, sharing information about the extortion attacks only provides so much help.
DDoS attacks in general are on the rise, according to Arbor Networks, a security firm in Burlington, Mass., after a “hockey stick” growth trajectory. But last year, the frequency of such attacks jumped eightfold from the previous year, and the size of the attacks eclipsed previous peaks by over 200 percent, according to a report by the firm.
It’s getting wild out there!