Following the news that cybercriminals claiming to be the Armada Collective have sent out extortion emails threatening independent and small businesses with DDoS attacks, Craig Young, Security Researcher at Tripwire commented below.
Craig Young, Security Researcher at Tripwire:
“In my opinion, businesses are best to never pay DDoS extortionists and instead are better served saving that money for DDoS mitigation services from reputable firms. In recent years, criminals have successfully seized the opportunity to scare businesses into paying under the threat of large scale denial of service attacks. Much of the time the threats are coming from individuals or small groups with no actual capability or intention of carrying out the DDoS. Meanwhile a large market has developed around producing products and services that can very effectively thwart most DDoS attacks. Since a DDoS involves flooding a target with junk messages until the communication lines are so full of junk that there is no room left for the legitimate messages. The solution to this is often just to get really big communication lines and position servers all around the world making it less likely that an adversary could overwhelm them.”