How can companies gracefully block hackers from extorting Bitcoin?

     Recently, the CEO of a company suddenly received an email from the ransomware group DD4BC, informing him that if he failed to pay 50 bitcoins to the hackers within 24 hours, the company's website would face an intrusion attack.

The email also read: "It is not so easy to intercept our attack, because our UDP flood attack value has reached 400-500Gbps, so there is no need to struggle." The other party said that the hacker has already carried out a small wave of demonstration attacks on the company's website "to show that we are serious."

   This is not a high level of attack in the case of hackers, who demanded a total of about $11,500. But they said that if the CEO ignored their attack, they would raise the price and carry out a long-term attack.

    Nowadays, such Internet electronic extortion is becoming more and more common. The FBI's partner, the Internet Crime Complaint Center (IC3), said in July that the number of such cases they received was increasing. Usually, a company will receive an email threatening the other party that if they do not pay, a DDoS attack will be carried out on the company's website. Although the ransom varies, Bitcoin is usually requested.

    Malware designed to extort mobile and computer users is also on the rise, the survey showed.

    The combination of the low cost of launching such DDoS attacks, the lack of defensive tools to stop such attacks, and the hidden nature of Bitcoin payments helps hackers hide their tracks has led to the rise of high-tech extortion. For most companies, the risk of refusing to pay the ransom is too great. Internet companies rely on their websites every day.

    Fortunately, there are ways to stop electronic extortion on the Internet.

  1. Provide training to the departments most likely to be attacked

Bosses should train their employees, especially senior executives, because they are most likely to receive ransom emails from hackers. Employees must understand that ignoring ransomware may result in the company's website being attacked by DDoS. Employees should be made clear that they should contact IT security or management immediately if they receive such ransomware emails.

  2. Make friends with your hosting provider

DDoS attacks can be devastating to your company, overwhelming your network and taking control of your servers, but if you take precautions, you may be able to withstand these attacks.

If hackers attack your website, don't panic. You're not alone, and your hosting provider can help. Talk to your hosting provider to find out how well they defend against this and what they can do if an attack does occur. Often, your hosting provider can help stop hackers from carrying out a deeper DDoS attack.

  3. Filter the URL traffic of the company website

The Domain Name System (DNS) is perhaps the weakest link in a DDoS attack, but it is also your best tool for defense. If the hacker is targeting HTTP, the first thing you should do is to block them from connecting to your server IP.

You can use filtering waves to direct traffic to insignificant places and hide your real IP address.

  4. A high-difficulty infrastructure mode

If all the above methods fail, then hackers will most likely attack your IP address directly. In this case, simply move your network infrastructure directly to the new IP. Hackers are busy attacking the old IP, while network traffic has been transferred to the new secure IP.

But for this method to work, you have to prepare in advance. You need to clone your infrastructure on the new IP address in advance. Most hosting providers can do this. Another key is that the DNS TTLs must be low, otherwise the transfer of traffic may slow you down.

  5. Set basic rate limits

Setting basic rate limits can slow down all abusive IPs. If you find someone sending 5 or 6 page requests per minute, you can slow them down. The key is to use other devices to operate in front of the web server. But be careful not to add rate limits directly to the web server, because the web server cannot support the same amount of traffic. In short, you want to avoid clogging up the web server with illegal traffic.

  6. Purchase speed reduction service

If the above defenses don't work, that is, the website server has been attacked, then you need to find a way to reduce the speed of DDoS attacks as soon as possible. This may be expensive, but it is worth it. Because if you don't find a way to solve it, you may have to pay a higher price later. In short, be prepared in advance, figure out what you can do, what to do first and what to do next, and minimize the risk.