Imperva Mitigates 2.5 million RPS Ransom DDoS Assaults Targeting Unnamed Firm

This article has been indexed from

CySecurity News – Latest Information Security and Hacking Incidents

 

Imperva, a cyber security software and services firm on Friday claimed it thwarted a massive 2.5 million RPS (requests per second) ransom DDoS attack targeting an unnamed company. 
 
According to Nelli Klepfish, a security analyst at Imperva, the company against which the DDoS assault was launched received multiple ransom notes during the attack. To prevent the loss of “hundreds of millions” in market cap and to remain online, the company paid the attackers in bitcoin.  
 
Imperva thwarted more than 12 million embedded requests targeting random pages of the firm’s site. The next day, the attackers sent over 15 million requests to the same site, however, this time the URL contained a different message. But the attackers employed similar methodology of threatening the company’s CEO for devastating consequences, such as the company’s stock price plummeting if they refuse to pay the ransom.  
 
The most devastating assault is said to have lasted less than a minute, in which researchers measured 2.5 million RPS (1.5Gbps of TCP traffic in terms of bandwidth) as the highest number of requests received.  
 
An identical attack was sustained by one of the sister sites operated by the same firm that lasted nearly 10 minutes, even as the attackers constantly changed their attack tactics and ransom notes to avert mitigation.  
 
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

Read the original article: