International law enforcement agencies in more than dozen countries arrested 34 individuals in a cyber-crime sweep that focused on customers of online services that provide denial-of-service attacks to order.
In the United States, the FBI arrested a 26-year-old University of Southern California graduate student allegedly linked to distributed denial-of-service (DDoS) attack that knocked a San Francisco chat-service company offline. The suspect, Sean Sharma, was arrested on Dec. 9 for purchasing a DDoS tool used to mount the attack, the FBI stated in a release.
Since last week, the FBI’s International Cyber Crime Coordination Cell, or IC4, and other law enforcement agencies—including Europol and the U.K.’s National Crime Agency—have arrested 34 suspects and conducted interviews with 101 individuals.
“DDoS tools are among the many specialized cyber-crime services available for hire that may be used by professional criminals and novices alike,” Steve Kelly, FBI unit chief of IC4, said in the agency’s statement. “While the FBI is working with our international partners to apprehend and prosecute sophisticated cyber-criminals, we also want to deter the young from starting down this path.”
DDoS-for-hire services have increased in use to account for 93 percent of all distributed denial-of-service attacks, according to Incapsula, a DoS mitigation service owned by Imperva. Neustar, a real-time cloud-based information and analysis provider, confirmed that booters and stressors have grown significantly over the past four years.
"A pretty large portion of the DDoSes we have seen are the fault of the stressors and booters,” Rodney Joffe, senior vice president and fellow at Neustar, told eWEEK. “And it has been a problem for 4 years.”
The worldwide law enforcement action aims to carry a message to young offenders that what may seem to them as innocuous cyber-pranks are actually serious crimes that carry hefty legal penalties, the law enforcement groups said.
The people arrested are suspected of paying for DDoS services to launch floods of data against websites and online services—often gaming platforms.
“Today’s generation is closer to technology than ever before, with the potential of exacerbating the threat of cyber-crime,” Steve Wilson, head of the European Cyber Crime Centre (EC3), said in a statement. “Many IT enthusiasts get involved in seemingly low-level fringe cyber-crime activities from a young age, unaware of the consequences that such crimes carry.”
Yet, Neustar’s Joffe doubted that the arrests will make much of an impact.
“There are millions of kids who play games, and they don’t think this is illegal,” he said. “Or they understand that this is illegal, but they don’t think they are going to get caught.”
Law enforcement agencies carried out actions in Australia, Belgium, France, Hungary, Lithuania, the Netherlands, Norway, Portugal, Romania, Spain, Sweden, the United Kingdom, and the U.S. The law enforcement organizations underscored that fighting the cyber-crimes require a collaborative effort.
“No law enforcement agency or country can defeat cyber-crime alone,” the FBI said in its statement. “This demands a collective global approach.”