Numerous attacks have been detected since early May.
Link11, a leading provider of IT security solutions in the Business-Continuity field, has found that since the beginning of May, numerous Italian Data Centers, ISPs and Hosting Providers have received Distributed-Denial attacks via e-mail, in the name of "Turkish Hacker" -of-Service (DDoS) for extortion purposes. In particular, there are requests for payment in bitcoin and "denial of service" attacks generated to put pressure on the victims, requesting a ransom in cryptocurrency in order to avoid DDoS attacks exceeding 100 Gbps.
The mode of action of Turkish Hackers is always the same and they start with pre-attacks which, in most cases, overload the systems and IT infrastructures of the Hosting Providers attacked. Extortionists, who are particularly technically expert, continually change their strategy and, based on the weak point detected, employ different techniques and multiple attack vectors. At the same time, the victim receives an extortion email, confirming that the Turkish Hackers respect methods of action already used by previous DDoS attacks known by names such as DD4BC, Armada Collective and New World Hacking Group.
Unfortunately, companies that are victims of extortion do not have the time to prepare to adequately respond to threats and on average are hit hard by these attacks, which are particularly aggressive and technically well thought out. In recent days, Link11's Security Operation Center (LSOC) has already successfully repelled multiple pre-attacks and further DDoS attacks against several Italian Hosting Providers.
Data processing centers that today still lack adequate protection and do not want to give in to extortion must act quickly, so as not to waste further time, even considering that on average the payment deadline imposed by attackers is set between 24 and 48 hours. Furthermore, correctly setting up DDoS protection for a data processing center requires great experience and one cannot simply think of installing hardware which, based on the number of requests, is capable of autonomously and quickly managing the resources on the services provided. In fact, the expertise confirms that IT systems are protected from large DDoS attacks only if the entire data traffic generated by them is diverted, as well as filtered, through multi-level processes ensured by a leading provider of protection solutions, such as Link11.
Further attacks are expected in the coming weeks. Link11's Security Operation Center recommends not to give in to extortion requests under any circumstances, but to strengthen their protection measures and possibly involve external specialists who are experts in defense against DDoS attacks.
