Crime gangs extort money with hacking threat

[InfoSec News <isn () c4i org>]

http://news.ft.com/servlet/ContentServer?pagename=FT.com/StoryFT/FullStory&c=StoryFT&cid=1066565805264&p=1012571727088

By Chris Nuttall in London 
Published: November 11 2003  

Evidence of a new type of international extortion racket emerged on
Tuesday with revelations that blackmailers have been exploiting
computer hacking techniques to threaten the ability of companies to
conduct business online.
 
Gangs based in Eastern Europe have been found to have been launching
waves of attacks on corporate networks, costing the companies millions
of dollars in lost business and exposing them to blackmail.

The most recent cases of affected companies have surfaced in Britain
where the National Hi-Tech Crime Unit (NHTCU) is investigating how one
betting site was brought down and then received a threat that it would
be attacked again unless tens of thousands of pounds were paid. It is
co-operating with international law enforcement agencies, with the
perpetrators thought to be based in Eastern Europe.

Ian Morris, founder of Equip Technology, a systems security
integrator, said: "We've dealt with six cases now and it's got to be
multiples of that, and not just in the UK, it's obviously a worldwide
problem.

"They seem to be targeting high-volume low-value transactional sites."

The attacks involve gangs commandeering as many as hundreds of
computers through hacking methods to use without their owners'
knowledge. A command is then issued to each one simultaneously to make
a series of bogus requests to the servers of the victim. The weight of
traffic brings the servers to a halt and legitimate requests to carry
out transactions cannot be completed.

One UK company was reported to be losing £1m ($1.66m) a day in lost
business as its service remained down.

More than a dozen offshore gambling sites serving the US market were
hit by the so-called Distributed Denial of Service attacks and
extortion demands in September and the tactic is now spreading. Sites
have been asked to pay up to $50,000 to ensure they are free from
attacks for a year. Police are urging any victims not to give in to
blackmail and report the crime.

Detective Superintendent Mick Deats, head of operations at the NHTCU,
said: "This is a protection racket. The message to these companies is
'You pay and we leave you alone'.

"If the demand comes in for $40,000-50,000, compared to the losses
they're suffering, there's an attraction for the companies to pay and
hope it goes away. But there's nothing to say it will go away."

One security firm has responded to appeals for help from six companies
as their systems have been brought down by DDoS attacks.  Four of
these were online gambling sites, one was a leading retailer with a
web presence and the other an online payments provider.

WorldPay, the online payments service owned by the Royal Bank of
Scotland that serves 27,000 online retailers globally, admitted to
suffering a major DDoS attack last week.

It said no customer data were compromised in the attack and sources
close to the company said there was no evidence of any blackmail
threat.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.