The founder of an online payment system has spoken out about his experience of being targeted by Russian gangsters who threatened to destroy his Web site and his business if he didn't pay them $10,000.
To this day his Web site is under continual attack.
Asif Malik, founder of NoChex, said his first contact with these blackmailers was in August 2004 when he received an email saying his Web site would be taken down by a DoS attack if the money wasn't paid into an account in Latvia.
"We'd received loads of emails like this before and my initial reaction was just ignore it," Malik told ZDNet UK sister site silicon.com. "But an hour later the site went down. They'd attacked us with 155Mb of data."
Malik was in no doubt what this would mean for his business.
"If they did what they said they'd do, which was attack the site for 30 days continuously, then we would have been unable to process transactions and we would have lost all our merchants.
"We'd not be in business today," he added.
Such an attack, often generated by a network of compromised machines all directing traffic at a particular server or Web site, can overload and bring down a Web site.
Malik then contacted the Russian gangsters behind the extortion scam and asked for one day to get the money together. They agreed to the delay and stopped the attack.
However, during that time Malik contacted his ISP Pipex who were already threatening to "black hole" his Web site as the attack was impacting the whole Pipex network and asked them to implement a Cisco Guard solution which effectively rerouted all traffic and cleaned it of the malicious traffic being generated by the crippling attack.
"The next morning they were emailing asking 'where is our money?'. When they realised we weren't going to pay-up they launched another attack but this time it had no effect."
Predictably this did not go down well. Malik received a string of abusive and threatening emails.
And to this day the attacks continue — though they have little impact on the NoChex Web site.
"I think they are still looking for a new way in," said Malik. Though he now employs several penetration testing companies to continually check he's leaving no door open for the Russian extortionists to return.
Malik reported the attack to Scotland Yard but as yet has heard nothing of the ongoing investigation.
Many other victims of such attacks, most commonly targeted at businesses such as online casinos, bookmakers and payment services, whose businesses are very time sensitive, have also spoken out about their problems.
Speaking of his own experiences of the problem David Yu, COO of Betfair, last year told ZDNet UK sister site silicon.com such a discourse is important as openness and shared understanding will eventually defeat the problem.
Paul King, chief security architect at Cisco, told ZDNet UK sister site silicon.com: "Criminals aren't looking for a sophisticated challenge. They just want to make money. If somebody thinks they can bring your site down and can ask for money then you need protection."
According to John Whitty, CTO of Pipex, those committing DoS attacks can now launch around 500Mb of data at a Web site at any one time. There are very few companies, if any, in the world whose Web site would withstand such a barrage undefended.
Talkback
CYBER TERRORISM
The traditional concepts and methods of terrorism have taken new dimensions, which are more destructive and deadly in nature. In the age of information technology the terrorists have acquired an expertise to produce the most deadly combination of weapons and technology, which if not properly safeguarded in due course of time, will take its own toll. The damage so produced would be almost irreversible and most catastrophic in nature. In short, we are facing the worst form of terrorism popularly known as "Cyber Terrorism".
The cyber terrorists may also use the method of distributed denial of services (DDOS) to overburden the Government and its agencies electronic bases. This is made possible by first infecting several unprotected computers by way of virus attacks and then taking control of them. Once control is obtained, they can be manipulated from any locality by the terrorists. These infected computers are then made to send information or demand in such a large number that the server of the victim collapses. Further, due to this unnecessary Internet traffic the legitimate traffic is prohibited from reaching the Government or its agencies computers. This results in immense pecuniary and strategic loss to the government and its agencies. It must be noted that thousands of compromised computers can be used to simultaneously attack a single host, thus making its electronic existence invisible to the genuine and legitimate netizens and end users.
For more details, kindly see http://perry4law.blogspot.com/2005/05/cyber-terrorism-and-its-solutions.html.