Net crime gangs hit gambling sites

[William Knowles <wk () c4i org>]

http://www.reuters.co.uk/newsArticle.jhtml?type=internetNews&storyID=4237306

By Bernhard Warner
European Internet Correspondent
29 January, 2004 

LONDON (Reuters) - Organised crime gangs are shaking down Internet
betting sites on the eve of American football's Super Bowl,
threatening to unleash a crippling data attack unless they pay a
"protection" fee, police and site operators said.

The National Hi-Tech Crime Unit (NHTCU) told Reuters it is
investigating a series of attacks and threats of attacks on companies
in the United Kingdom.

But security experts say sites based in the Caribbean and continental
Europe have also been targeted.

"These are not groups of amateur hackers -- great deals of money are
changing hands," said an NHCTU spokesman. "These are for-profit crimes
and all intelligence suggests that organised crime is involved."

One such target is Curacao-based VIP Management Services, which runs
seven gambling sites including www.VIPSports.com and
www.Betgameday.com.

"We were first targeted in September and have been under intermittent
attack ever since," said Alistair Assheton, managing director of the
privately held six-year-old firm.

E-XTORTION ARTISTS

The so-called denial-of-service attacks, which can disable a corporate
data network with a barrage of bogus data requests, are a standard
tool for hackers aiming to knock out a site.

Lately, police say, crime gangs have adapted it to extort businesses.  
Security experts and police said they believe the gangs are based in
Eastern Europe and Russia, taking advantage of the region's weak cyber
crime laws and its legions of savvy programmers.

Assheton said that on Monday he received the latest threat via e-mail.  
It was a demand for $30,000 (16,435 pounds) to be wired via Western
Union to the extortionist's account or risk being hit. "They
essentially said 'pay up or you will go down for the Super Bowl,'" he
said.

Police sources said this type of cyber "protection racket" has grown
in recent months. The risk of being knocked offline by a digital
attack on Super Bowl weekend, one of the busiest betting periods of
the year, could doom a gambling site.

Jeffrey Weber, who writes an online news letter dedicated to the
industry, called www.Alltopsportsbooks.com, estimated an outage of a
few hours is costly. "That's $500,000 to $1 million dollars worth of
action wiped out in one shot," he said.

PAY UP -- OR ELSE

Reuters obtained a copy of an e-mail extortion threat distributed
earlier this month. It demanded sites pay $15,000 for six months'
worth of protection.

"If you wait to make a deal with us when the attacks start, it will
cost you $25,000 for six months protection and the lost revenues as
your site will stay down until the $25,000 is received," the e-mail
threat said.

Weber said a number of small sites have paid up, calculating it would
be cheaper than going dark during a busy period. "It's almost like the
criminal elements of the neighbourhood bookmakers has merged with the
world of online bookmakers," he said.

Noting the relatively small sums demanded -- to ensure the victim does
not go out of business and can continue to pay up -- security and law
enforcement sources said they believe this is the work of gangs with
experience in such shakedown schemes.

"This is very professional," said one security expert.

The Net crime wave is not exactly new. Extortionists and crime groups
have targeted businesses of all sizes since the early days of
e-commerce.

Law enforcement has been hampered because until recently companies
were reluctant to report the incidents for fear of hurting their
business reputation. Police hope a recent spirit of cooperation will
help their cause.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.