A series of sustained Distributed Denial of Service (DDoS (opens in new tab)) reportedly knocked UK Voice over Internet Protocol (VoIP (opens in new tab)) provider VoIP Unlimited offline, weeks after it was targeted in a REvil-orchestrated ransomware (opens in new tab) campaign.
According to The Register, last week’s downtime was the result of "an alarmingly large and sophisticated DDoS attack attached to a colossal ransom demand" which VoIP Unlimited has pinned to the REvil ransomware gang (opens in new tab).
The attack is also blamed for disrupting the operations (opens in new tab) of other UK VoIP providers at the same time as well.
We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.
>> Click here to start the survey in a new window (opens in new tab) <<
- Here’s our list of the best ransomware protection tools (opens in new tab)
- These are our options of the best DDoS protection services (opens in new tab)
- Check our list of the best malware removal (opens in new tab) software on the market
As of 11 December however, VoIP Unlimited has restored a majority of its services, while a couple continue to report (opens in new tab) “Degraded Performance.”
From ransomware to DDoS
The Register notes that while REvil is notorious for its ransomware operations, it seems to have joined the list of ransomware operatives who have begun switching to conducting extortion-based DDoS campaigns.
In fact, it appears before attacking VoIP Unlimited, the gang honed their skills by going after a Canadian firm (opens in new tab) in mid-September, and demanding one bitcoin (around $45,000 at the time) to cease the attacks.
Commenting on the change in tactics of ransomware operators, cybersecurity (opens in new tab) analysts at TrendMicro (opens in new tab) observed that multilevel extortion schemes were beginning to emerge as the latest trend in the ransomware underworld.
“Triple extortion follows a straightforward formula: adding DDoS attacks to the aforementioned encryption and data exposure threats. These attacks could overwhelm a server or a network with traffic, which in turn could halt and further disrupt operations,” observed TrendMicro (opens in new tab).
The new modus operandi was first performed by SunCrypt and RagnarLocker operators in the latter half of 2020, adding that the REvil operators were also looking to adopt this new ransomware strategy.
The emergence of ransomware DDoS (RDDoS) attacks was also recently highlighted (opens in new tab) in a report by US telecoms company Lumen Technologies, as it urged businesses to prepare for this incoming onslaught.
- Here’s our roundup of the best cloud backup services (opens in new tab)
Via The Register (opens in new tab)