Establishing Digital Trust: Don't Sacrifice Security for Convenience
Two programmers from Poland were recently sentenced to five years and four months in prison for blackmailing a British online casino with the threat of a DDoS attack (h/t Sophos).
Piotr Smirnow and Patryk Surmacki both pled guilty at the UK's Manchester Crown Court to two offenses each of blackmail and one offense of unauthorized acts on computers.
Smirnow and Surmacki contacted the owner of a Manchester-based online casino on July 23, 2013 with a request for a meeting. When they met at Heathrow Airport's Terminal 5, the two opened the meeting by threatening to disable his Web site with a DDoS attack unless he gave them a 50 percent share in his company.
He refused, and on August 2, 2013, the two launched a DDoS attack that took the company's servers down for five hours, costing the company approximately £15,000.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
The CEO of the US-based company that provides the software platform used to run the Manchester casino's Web site then got involved, trying to mediate between the two parties. When he met with Smirnow and Surmacki at the Heathrow Sofitel on August 7, 2013, police were listening to their conversation and moved in to arrest the pair.
The Greater Manchester Police describe the entire process in detail here.
"This was a very complex, dynamic investigation that centered on an emerging global cyber threat," Detective Inspector Chris Mossop of the Serious Crime Division said in a statement. "Denial of service attacks have become increasingly common offences in recent years and can have a devastating effect on the victim’s online business."
"With millions of pounds and potentially dozens of jobs involved, Smirnow and Surmacki were playing for incredibly high stakes and clearly knew what they were doing ... they may have been using the latest technology, but this was simply good old-fashioned blackmail," Mossop added.