[TheRecord] Bandwidth.com expects to lose up to $12M following DDoS extortion attempt

Bandwidth Inc. expects to lose between $9 million and $12 million because of service downtime caused by a series of DDoS attacks the company dealt with during late September and early October this year.

The attacks, which the company said it had fully mitigated since October 5, were part of a DDoS extortion campaign that targeted several VoIP providers across the globe.

The attackers tried to obtain money from Bandwith Inc. by attacking its Bandwidth.com portal, through which the company provided on-demand server infrastructure to smaller VoIP telephony providers.

In a document filed with the US Securities Excahnge Commission last week, Bandwidth said the attacks were large enough to put a dent in its Q3 revenue of $0.7 million, along with bigger losses expected by the end of the year.

“Based on preliminary usage data and currently known information, the company estimates that the impact of the DDoS attack may reduce CPaaS revenue for the full year of 2021 by an amount between $9 million and $12 million, inclusive of the aforementioned $0.7 million revenue impact in the third quarter,” Bandwidth said.

The company plans to discuss the attack and its impact on revenue in an earnings call on November 8, next week.

The SEC documents filed last week offer a rare glimpse into the aftermath of DDoS attacks, many of which are often ridiculed as being the work of non-sophisticated threat actors. However, when attacks are timed and coordinated for maximum impact, Bandwidth’s filing shows that they can a severe impact on a company’s bottom line, especially when attackers target cloud providers that either charge by the hour or need to maintain a nearly perfect uptime otherwise they incur penalties based on ongoing contracts.

The post Bandwidth.com expects to lose up to $12M following DDoS extortion attempt appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[BleepingComputer] NSA shares guidance on how to secure your wireless devices

The US National Security Agency (NSA) today published guidance on how to properly secure wireless devices against potential attacks targeting them when traveling or working remotely. […] Source: Read More (BleepingComputer)

Read More

[BleepingComputer] South Korea’s Nuclear Research agency breached using VPN flaw

South Korea’s ‘Korea Atomic Energy Research Institute’ disclosed yesterday that their internal networks were hacked last month by North Korean threat actors using a VPN vulnerability. […] Source: Read More (BleepingComputer)

Read More

[SecurityWeek] Cybercriminals Target Companies With New ‘Epsilon Red’ Ransomware

All posts, Security Week

A new piece of ransomware named Epsilon Red has been used to target at least one organization in the United States, and its operators have apparently already made a significant profit. read more Source: Read More (SecurityWeek RSS Feed)

Read More