Search blog for

The Greeting Card No Business Wants To Get!

What if you were a business owner and received an email like this:

GC

Would you pay $1200?

Consider the alternative: Don’t pay and risk your site being taken down. More than likely the losses would be in excess of $1200, perhaps substantially more.

It puts business owners in quite a dilemma: To Pay Or Not To Pay?

Unfortunately, unprotected business owners are seeing increasingly more of these types of ransom demands.

With just a $400 investment, a hacker could potentially more than quadruple his or her return. On the other end, a site owner’s unwillingness to pay the ransom could result in dramatic losses.

Incapsula has released an infographic based on an actual ransom note demonstrating the potential costs to the business and potential profit to the hackers.

Ransom postXmas final

It’s a Hacker’s World!

So how do the hackers pull it off? Well, (and this is the alarming part) it’s really not that difficult. Targeting a site with a DDoS attack, which typically results in a site being overwhelmed with bogus requests and thus being unable to effectively operate, is a common practice for hackers. Read more about DDoS attacks here.

The botnet attacks are so common these days, networks of hackers now openly offer their services online with botnet rentals!

1

Deal or No Deal

So for a targeted business owner it comes down to a decision between economics and ethics. Pay the hacker and prevent the possibility of more substantial losses or stand your ground hoping the hacker won’t make good on the threat

It’s a decision no business wants to have to make.

There is, however, a way to humble the hackers and foil their evil plans. In just five minutes, Incapsula can protect a website from these types of disabling attacks.

In fact, the day Incapsula created the infographic, an Incapsula customer was served a ‘warning shot’ DDoS attack. You can see from 6-7PM, there was a sudden spike in bot traffic… most likely to be followed by a ransom note similar to the one above:

2

Of course this customer needn’t worry because Incapsula blocked the attack before it hit their actual site.

The same cannot be said for website owners currently without Incapsula’s protection.