Ransomware has taken center stage in the cybercrime ecosystem, causing over $1 billion in losses last year around the world and earning criminals hundreds of millions of dollars in profits. At the same time, distributed denial-of-service (DDoS) attacks, which have also traditionally been used to extort businesses, returned in force. Ransomware groups are even using them to put additional pressure on their victims.
According to recent annual reports from different content delivery networks and DDoS mitigation providers, 2020 was a record-breaking year for DDoS attacks in the number of attacks, the size of attacks, and the number of attack vectors used. This resurgence in DDoS extortion was likely driven by the COVID-19 pandemic, which forced companies to enable remote working capabilities for most of their employees, making them more vulnerable to disruptions of business operations and probably, in the eyes of the attackers, more willing to pay extortion fees.
The trend continued in 2021, with Akamai seeing three of the six biggest volumetric DDoS attacks in history during February and more attacks exceeding 50 Gbps in the first three months of 2021 than in the whole of 2019. The company estimates that attacks over 50 Gbps can take most online services that don’t have anti-DDoS mitigation offline due to bandwidth saturation.
The return of DDoS extortion
The motives behind DDoS attacks are varied, ranging from unscrupulous business owners wanting to disrupt the competition’s services to hacktivists wanting to send a message to organizations they disagree with to simple vandalism caused by rivalries between different groups. However, extortion has long been one of the biggest factors driving this type of illegal activity, and arguably the most profitable one because launching DDoS attacks does not require a huge investment. DDoS-for-hire services cost as little as $7 per attack, making them affordable to virtually anyone.