NCA arrests 12 people in DDoS crackdown
People suspected of using £4 Netspoof stresser software to take down web servers and websites
The National Crime Agency (NCA) has arrested 12 people who allegedly used the Netspoof stresser software to take down websites and web servers.
The crackdown, part of Operation Vulcanalia, used intelligence gathered by the West Midlands Regional Cyber Crime Unit to uncover individuals and groups suspected of using the easy to purchase software to target gaming providers, government departments, internet hosting companies, schools and colleges.
"These attacks pose a huge economic cost to the economy. It is not a victimless crime," said senior investigating officer Jo Goodall, from the NCA's National Cyber Crime Unit.
"Smaller businesses have to absorb extra costs of DDoS protection services but every business hit by an attack can suffer reputational damage. It can cost very little to buy this illegal software so these attacks can now be launched by the relatively unskilled and almost anyone with a grievance."
The NCA cited research by Kaspersky, which revealed DDoS attacks can cost large enterprises more than 1.3 million, while smaller companies are losing up to 84,000 in lost revenues and reputation when they become the victim of a DDoS attack.
"The scale of the problem is truly global. It requires worldwide co-operation, which we have seen on this job with the focus on arresting those who won't change their ways, and trying to prevent those who will from future offending," Goodall added.
Part of Operation Vulcanalia is educating younger hackers about the damage such attacks can cause, issuing cease and desist notices rather than arresting young offenders.
"Many IT enthusiasts get involved in seemingly low-level fringe cyber crime activities from a young age, unaware of the consequences that such crimes carry," Europol's Steven Wilson said. "One of the key priorities of law enforcement should be to engage with these young people to prevent them from pursuing a criminal path."
The crackdown resulted in 12 arrests, 30 cease and desist notices issued, the seizure of computers from 11 suspects, one protective visit made and two cautions issued.
Of the 12 arrests, nine were men and eight were men aged between 18 and 30.
The essential guide to cloud-based backup and disaster recovery
Support business continuity by building a holistic emergency planDownload now
Trends in modern data protection
A comprehensive view of the data protection landscapeDownload now
How do vulnerabilities get into software?
90% of security incidents result from exploits against defects in softwareDownload now
Delivering the future of work - now
The CIO’s guide to building the unified digital workspace for today’s hybrid and multi-cloud strategies.Download now