Focusing on the lessons from the 2020 – 2021 DDoS Extortion Campaigns
DDoS Extortion will not go away. It is a cyclical International crime that can only be stopped with the DDoS Extortionist are arrested. In 2020, organizations woke up to a new wave of DDoS Extortion activities. These attacks caught organizations with the DDoS Guards down. They thought “DDoS was in the past.”
This session walks through the reasons why we have DDoS Extortion, criminal behaviors behind DDoS Extortionist, and essential DDoS Preparation tools any organization can deploy to reduce their risk when a DDoS Extoristist knocks on the door.
Extended Workshops: The Workshops for this session would work through each of the recommendations. The work models are designed to help organizations realize the strength within their own teams to deploy DDoS resilience tools that protect the business.
- Module 1: Extended session on the Realities of today’s DDoS Security Risk
- Module 2: The First Step – Walk through the Expected DoS Attacks – 10 Steps to Prepare for the Pain. The first step walks through 10 action tasks that focus on getting the existing team ready. It is not about calling in vendors, seeking security gurus, or working through crisis responses. The task builds the DDoS capacity and capabilities of the existing team. Its goal is to cultivate trust in the organization’s own knowledge of your business, your network, and your capabilities.
- Module 3: The Second Step 2 – 7 Critical Security Conversations – There are 7 Security Conversations that CIOs and CISOs need to have with their vendors. These security conversations help understand the security risk each vendor poses to your network. This “risk discovery” can be done by your existing team (no need for security experts). It requires common sense, consistent time, and continuous dialog. These 7 Security Conversation are listed in Demanding Security from your Vendors.
Attendee Takeaways
“If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.” ― The Art of War

Understanding the person(s) behind a DDoS Extortion attack helps to prioritize the DDoS Resiliency preparations and response. It helps organizations save money, time, and stress – focusing on core techniques that push back against the miscreant’s DDoS extortion objectives.
This session “understanding the behavior” of the miscreant is best done as part of a series, exploring each of the DDoS resiliency architectures, mitigation techniques, defensive options, and best common practice.
Realities of Today’s DDoS Security Risk Sessions:
This session is updated each time it is presented. There is also constituent-specific tuning to best adapt to the peer’s needs.
- Realities of Today’s Security Risk – NZITF 2020 (2020-11-01)
- Realities of Today’s Security Risk – IT-ISAC 2021 (2021-01-19)
- Realities of Today’s Security Risk – APRICOT 2021 (2021-02-26) – (Video)
Practical Security Conversations
If you find your organization needs help and worry about the FUD from the industry, reach out and ask for help. These sessions are conducted in conferences, internal workshops, and security group memberships. If you are interested, reach Barry Greene at bgreene@senki.org. These sessions are designed to provide practical, cost-effective, and actionable security assistance. The materials help organizations leverage the talent around them to get started with their security activities. Start with the DDoS Attack Preparation Workbook and Operator’s Security Toolkit. In the meantime, stay connected to the Senki Community to get updates on new empowerment and security insights. You can sign up to the mailing list for updates here: Stay Connected with Senki’s Updates.