A web hosting and domain registration provider recently suffered a large distributed denial-of-service (DDoS) attack.
Softpedia reports the attack began targeting 123-Reg at around 10:00 EST and lasted for several hours before finally letting up.
In that span of time, the attack peaked at 30 gigabytes per second (Gbps), a magnitude which is more than sufficient to knock most websites offline.
A spokesperson for 123-Reg notes it didn't take long for the company to mitigate the attack. As quoted by The Register:
"Our protection systems kicked in immediately and the attack was contained by 10:40am. We apologise for any intermittent connection issues to our services that some of our customers may have experienced during this time.”
The spokesperson also explains that none of the company's servers went offline.
Even so, that didn't stop 123-Reg customers from complaining on Twitter.
As of this writing, it's unclear who launched the attack or what their motivation might have been for doing so.
One explanation could be the rise of actors who leverage DDoS attacks to extort their victims. For instance, back in April, researchers at Cloudflare spotted individuals posing as the Armada Collective DDoS group who used the threat of a DDoS campaign to trick unsuspecting companies into handing over USD 100,000.
Though the poser group is believed to have targeted multiple organisations, Cloudflare did not detect a single instance in which the fake attackers followed through on their threats.
123-Reg has not said anything publicly about receiving a ransom note from the attackers.
Companies should never give into the demands of attackers regardless of whether those actors leverage ransomware, the threat of a DDoS attack, or other means to scare their targets. Instead organisations should invest in preparing themselves for extortion-based campaigns, such as by backing up their critical data regularly and by purchasing DDoS mitigation technology.