In a DDoS extortion attempt, the extortionist
|“||start[s] with a 'sample' attack followed up with an email or other communication threatening a larger DDoS attack if a certain amount of money is not paid. If the extortion attempt is timed with major events, the targeted sites have the potential of losing millions of dollars in revenue and may make the business decision to pay as a form of cash flow risk management.||”|
"As an added benefit of paying, the attacker may also offer to 'protect' the site from other DDoS attacks. Like any protection racket, there are no guarantees. Once the word is out that the site paid, many other attackers may attempt to extort money from it.