Within the past 24 hours a number of businesses throughout the UK have received extortion demands from a group calling themselves â€˜Lizard Squadâ€™.
Method of Attack:The group have sent emails demanding payment of 5 Bitcoins, to be paid by a certain time and date. The email states that this demand will increase by 5 Bitcoins for each day that it goes unpaid.
If their demand is not met, they have threatened to launch a Denial of Service attack against the businessesâ€™ websites and networks, taking them offline until payment is made. The demand states that once their actions have started, they cannot be undone.
PROTECTION / PREVENTION ADVICEWhat to do if youâ€™ve received one of these demands:â€“ Report it to Action Fraud by calling 0300 123 2040 or by using the online reporting toolâ€“ Do not pay the demandâ€“ Retain the original emails (with headers)â€“ Maintain a timeline of the attack, recording all times, type and content of the contactIf you are experiencing a DDoS right now you should:â€“ Report it to Action Fraud by calling 0300 123 2040 immediately.â€“ Call your Internet Service Provider (ISP) (or hosting provider if you do not host your own Web server), tell them you are under attack and ask for help.â€“ Keep a timeline of events and save server logs, web logs, email logs, any packet capture, network graphs, reports etc.
Get Safe Online top tips for protecting your business from a DDoS:â€“ Consider the likelihood and risks to your organisation of a DDoS attack, and put appropriate threat reduction/mitigation measures in place.â€“ If you consider that protection is necessary, speak to a DDoS prevention specialist.â€“ Whether you are at risk of a DDoS attack or not, you should have the hosting facilities in place to handle large, unexpected volumes of website hits.