Re: Large DDoS, small extortion

["Livingood, Jason" <Jason_Livingood () cable comcast com>]

On 5/22/14, 12:51 AM, "Beleaguered Admin" <dealing.with.ddos () gmail com>
wrote:

> This has been going on for a long time -- almost every detail is
> exactly the same as what is described here:
> http://techcrunch.com/2014/03/03/meetup-suffering-significant-ddos-attack-
> taking-it-offline-for-days/
>
> He is in regular communication (via whois info and other collected
> contact data) asking for <$1000 USD sums to stop the attacks.

That article said that the company didn¹t want to negotiate with
criminals. As an aside I spent some time with a retired hostage negotiator
on Tuesday (which was fascinating BTW). He actually said negotiation is
always useful and sometimes paying a ransom demand can serve as a method
to track where the money goes, to identify all the actors involved for
later action (which may apply in this case). And sometimes financial
demands are dropped as a result of negotiation.

> Is it worth talking to law enforcement?  Some of these have been >500k
> costs to the customer, but we assume the person doing it isn't in any
> western country, so maybe it doesn't even matter?

You may find the law enforcement more interested in engaging within you
than you might think.

Jason