The Windows Club

TheWindowsClub covers authentic Windows 11, Windows 10 tips, tutorials, how-to's, features, freeware. Created by Anand Khanse, MVP.

Ransom Denial of Service: What is RDoS? How to prevent it?

Download Windows Speedup Tool to fix errors and make PC run faster

You might have heard of DoS and DDoS. The idea behind such an attack is to bring down the servers of any organization, thereby not allowing them to provide service to its users. Usually, the main server of the organization is attacked by so many access requests that it crashes, denying any service to anyone at all. Ransom Denial of Service (RDoS) is similar except that the hackers double up as extortionists too. Let’s see what Ransom Denial of Service (RDoS) is, and how to prevent it by taking adequate precautions.

Ransom Denial of Service (RDoS)What is Ransom Denial of Service

Ransom Denial of Service is when hackers ask you to pay them some money, threatening to launch a Distributed Denial of Service (DDoS) attack if you don’t pay up before a certain date and time.

To show that they are serious about the RDoS attack, they may also launch a short DDoS attack on the institution from whom they are demanding the ransom. You might also have heard of ransomware: money asked by hackers after encrypting all data on any entity’s servers.

In the case of Ransomware, hackers first encrypt an institution’s data and then send a note to demand ransom, saying they’ll decrypt the data AFTER they (the hackers) get the money. With RDoS, the note is sent before any action on behalf of the hackers. It states clearly that the hackers have access to company servers, and they ask for a certain amount of money in Cryptocurrency (see Bitcoins) before a specific date. If money is not transferred to the hackers, they may proceed to encrypt the institution’s data or may leave it.

The RDoS employs the fear of loss and helps the hackers as people pay up to avoid a DDoS attack. Since only fear is involved, amateur hackers, too, start asking for money. They may or may not have resources to DDoS a company server, but there’s no harm in demanding extortions, except for the chance of being caught and sent to jail.

Should you pay up?

Experts say that you shouldn’t. They state that if even one institution pays the extortionist hackers, other hackers will also want to earn money. It will encourage other hackers, who may also demand a ransom (extortion money), saying they’ll DDoS the company servers if not paid.

Experts also say there is no guarantee that there won’t be a DDoS attack or a ransomware attack even if the extortion money is paid. Further, such acts will encourage other hackers.

Should you let the hacker extortionists frighten you and pay them the money they are asking for? No. It is always better to have a plan to counter such a scenario. The next section discusses how to prepare and deal with a DDoS attack. If you have a plan, you need not fear DDoS, RDoS, ransomware, or similar hacking issues.

… but then again, it is a practical decision you will have to make, given what is at stake!

RDoS – Precautions to prevent downtime when under attack

When a DDoS strikes after a ransom demand, being prepared is key to stress-free handling of the situation. That’s why a DDoS protection plan is required. When planning a DDoS protection plan, assume that it is a common procedure – that is, it happens time and again. That way, you will be able to create a better plan.

Some people create a Disaster Recovery Plan and use it to recover from a DDoS attack. But this is not our primary purpose. We need to mitigate the traffic flow to the company website or the website servers.

For an amateur blog, an hour of downtime may not mean much. But for real-time processing services—banking, online shops, and similar services—each second matters. That’s what you should keep in mind when creating a DDoS Response Plan instead of a DDoS Recovery Plan.

For your information, this website uses Sucuri to protect itself.

Some of the important points to consider while creating a RDoS or DDoS attack are:

  1. How can your Internet Service Provider help you?
  2. Can your Hosting Service Provider help you by taking the website off the host for a while (Until the DDoS attack stops)?
  3. Do you have third-party security providers, like Susuri, Akamai, or Ceroro, that can detect DDoS attacks as soon as they begin? These services can also block the attack by identifying different factors, such as geography.
  4. How long will it take to change the server’s IP address to stop the attack (misfires)?
  5. Did you consider a cloud-based plan that can increase bandwidth when DDoS happens? Increased bandwidth means more effort on the part of the hackers. If you opt for an infinity plan, DDoS attacks stop quickly because the hackers will have to arrange more resources for bringing down the company server.

This explains the Ransom Denial of Service (RDoS) and how to prepare for a DDoS attack. If you have anything to add, please comment below.

ArunKumar@TWC

Arun Kumar has been a Microsoft MVP (2010-12). He is obsessed with technology, especially the Internet. He deals with the multimedia content needs of training and corporate houses.