Gangs Extort Companies With DDoS Attacks

← Back to Stories (view on slashdot.org)

Gangs Extort Companies With DDoS Attacks

Posted by timothy on Wednesday November 12, 2003 @07:26AM from the crisis-of-the-week dept.

Pcol writes "The Financial Times reports that gangs based in Eastern Europe have been launching attacks on corporate networks costing the companies millions of dollars in lost business and exposing them to blackmail. Sites have been asked to pay up to ensure they are free from Distributed Denial of Service attacks for a year. One detective reported, 'If the demand comes in for $40,000-50,000, compared to the losses they're suffering, there's an attraction for the companies to pay and hope it goes away. But there's nothing to say it will go away.'"

19 of 423 comments (clear)

A new financing model... by waytoomuchcoffee · 2003-11-12 07:27 · Score: 5, Funny

For /.?
1. Re:A new financing model... by metlin · 2003-11-12 07:30 · Score: 4, Funny
  
  Sure.
  
  But just that with all the story repeats, they might just forget that they'd been paid not to do that again.
  
  You know, that might actually prevent them from posting repeats though ;-)
2. Re:A new financing model... by blair1q · 2003-11-12 08:22 · Score: 4, Funny
  
  Turn it around. /. should offer to block access from a company network.
  
  The productivity gains would be enormous.
Fine. Let them! by freeze128 · 2003-11-12 07:29 · Score: 5, Insightful

The gangs can *TRY* to extort money, but in the long run, it would be cheaper to hire consultants or better administrators. This will have the effect of IMPROVING security worldwide. Thanks European gangs!
1. Re:Fine. Let them! by TheTomcat · 2003-11-12 07:41 · Score: 4, Insightful
  
  What exactly would this consultant / administrative talent DO?
  
  You have 10,000 zombies firing packets at you, spoofed on random IPs, how do you stop this?
  
  We had to Akamize our stuff.. and that's extremely pricey (think 2+ salaries).
  
  S
2. Re:Fine. Let them! by Zeinfeld · 2003-11-12 08:28 · Score: 4, Informative
  
  The gangs can *TRY* to extort money, but in the long run, it would be cheaper to hire consultants or better administrators. This will have the effect of IMPROVING security worldwide. Thanks European gangs!
  Commercial rates for security consultants start at $2,000 per day. People in the middle tier charge as much as $5,000. Big name consultants such as Bruce Schneier can name their price.
  And the fact is that none of us can do diddly against a DDoS attack, except advise you on how to configure bigger pipes and how to get in touch with ISPs quickly to stop the traffic from their networks.
  Occasionally there is a DDoS that has a flawed mode of attack that can be diverted. There have been a couple of attacks against the Whitehouse that were like that. They can divert the attacks because they can get top rank consulting for free in extremis.
  Not paying might be cheaper in the long run, but in the long run we are all dead. The answer is not consultants, it is law enforcement and better infrastructure.
  For example why exactly does anyone need to send a stream of several thousand SYN packets per second from a home computer to the same IP address for several hours at a time? There is simply no reason why a home machine should need to do that, nor should a home machine be sending millions of DNS requests per second to any machine.
  There is a pretty easy fix to DDoS attacks, put intelligence into cable modems and router boxes. Even if there is an option that allows the expert user to turn the checking off the boxes should be shipped in a safe configuration by default and it should not be possible to disable the safety catch without physical access to the modem.
  Congress could encourage ISPs to adopt this type of technology by merely suggesting that ISPs be made liable for attacks mounted from their machines.
  
  --
  Looking for an Information Security student project suggestion?
  Try http://dotcrimeManifesto.com/
Internet Mafia by Anonymous Coward · 2003-11-12 07:29 · Score: 4, Funny

So now there's an internet mafia.

So who's the god father? I vote Al Gore.
protection market by musikit · 2003-11-12 07:29 · Score: 5, Insightful

funny thing is with the old mobsters paying protection money to mob A would stop mob B from doing the same.

what's to stop another DDoS group from doing the same?

as the movies teach never pay the protection money
1. Re:protection market by swb · 2003-11-12 08:24 · Score: 4, Interesting
  
  There's two kinds of protection:
  
  One kind is the low-level "Pay me or I wreck shit". In this model, you don't actually get "protection" from anyone else, just the people you paid don't arbitrarily wreck your stuff. If some third party decides to play rough, the people you're paying protection to generally don't care, unless it threatens their protection money (ie, driving a store owner completely out of business).
  
  The more sophisticated kind of protection generally involves paying someone so that you can operate without interference. Generally this involves handing over a percentage of the operations as a tithe or tribute (and in fact among Italian mafia, it is a historical descendent of the practice of conquered peoples paying tributes to Roman officials). In this case, since the payment is generally dependent on the successful completion of whatever the protected activity is, you'd be more likely to get muscle applied in your favor to keep rivals away. But even then there may be extra money associated with hiring muscle, and often it is an artificial ruse used to obtain larger tributes. (In an episode of the Sopranos, Tony uses a black political agitator to get more tribute out of a construction business that is already paying tribute. He then "breaks up" the black's protest and later splits the take with the black's leaders).
A new financing model for /.? by canfirman · 2003-11-12 07:30 · Score: 5, Funny

Nah, a new financing model for SCO.

--
It is not our abilities that show what we truly are... it is our choices.
This isn't surprising... by Mysticalfruit · 2003-11-12 07:32 · Score: 4, Interesting

Firstly, I'm suprised it took this long for something like this to happen. Though I suspect it's been happening for a while. Organized crime has always been ready to utilize new technology in the persuit of money / Power.

Secondly, How is this different from some company installing spyware/nagware that's not uninstallable and then sending you email asking you to pay 20 bucks for a utility that'll "remove" their piece of software.

--
Yes Francis, the world has gone crazy.
1. Re:This isn't surprising... by signe · 2003-11-12 07:38 · Score: 4, Funny
  
  Secondly, How is this different from some company installing spyware/nagware that's not uninstallable and then sending you email asking you to pay 20 bucks for a utility that'll "remove" their piece of software.
  
  Easy. Asking for money to not attack someone's servers is extortion. Your example is an "innovative business model".
  
  -Todd
  
  --
  "The details of my life are quite inconsequential..."
Anyone looking for work in security? by phorm · 2003-11-12 07:34 · Score: 4, Insightful

For $50,000 a year, sounds like a decent wage for anyone who's currently unemployed. Why not just hire a good whitehat instead of caving into blackhat demands?
Quick! Someone call SCO! by Our+Man+In+Redmond · 2003-11-12 07:36 · Score: 4, Funny

Surely this is a violation of their IP in regards to extorting money using online means!

--
Someone you trust is one of us.
Why do I Keep Getting Left Out? by coupland · 2003-11-12 07:40 · Score: 4, Funny

Fifteen years ago all the cool kids would make fun of me and call me a computer geek and never pick me for the baseball team and stuff. Now all the cool geeks are going off forming gangs and taking down servers and I'm still left out! I can't figure this world out...
Hmm by downix · 2003-11-12 07:44 · Score: 4, Interesting

The primary targets appear to be gambling sites.

Why is it whenever the mob is involved, their first target are gambling sites? Next thing it will be online porn and pharmacudicals.

--
Karma Whoring for Fun and Profit.
They make pay to their hacked eBay accounts... by jcrb · 2003-11-12 07:55 · Score: 4, Informative

which they transfer to one of the 100's of stolen credit card numbers they have which they then go off and use to by something very expensive (in person).

As a side note, I know a network security company who got hit with one of these, end result? The FBI and the local (eastern european) police arrested and are trying the hackers in question.

When you start trying to extort real money across international borders you are into real crime. The FBI does investigate these attacks, and I am sure they will get much better at it as time goes on.

--
-jon
Karmic in a way... by CaptTofu · 2003-11-12 08:01 · Score: 4, Interesting

For the outsourcing some companies have been doing. You let some Ukrainian company design software for integral parts of your organisation's business and later get screwed by some thugs blackmailing you, well, this is one of those cases where maybe you should have paid a little more to hire domestic programmers who come from a less thugocratic society.

Saving a buck has its limits!
To put this in perspective... by InfraredEyes · 2003-11-12 08:10 · Score: 5, Interesting

...the targets need not be large companies with high-profile Websites. My small (5 person) company is just now recovering from a DDOS attack against the DNS server used by our ISP; as of yesterday evening, they were getting repeated hits from at least 15,000 zombies. Our email and our Website were completely inaccessible for about 24 hours, and many other DNS customers will have suffered similarly. Various changes in server IP address etc. seem to have fixed the problem for now. The advice from the DNS server people is to use at least two independent DNS services in future. It must hurt to have to tell customers, in effect, to do business with your competitors to ensure service.