Police arrest DDoS blackmailers in China

Chinese and Hong Kong Police have smashed a gang blackmailing gold, silver and securities traders with the threat of DDoS attacks

Chinese and Hong Kong Police have smashed a gang blackmailing gold, silver and securities traders with the threat of distributed denial-of-service (DDoS) attacks.

The cross-border cyber policing operation netted six suspects in Hunan, Hubei, Shanghai and other locations at the end of June, according to The Standard.

The gang demanded £3,000 to £10,000 from 16 Hong Kong-based firms and threatened to cripple their online operations with DDoS attacks if they did not pay.

Investigations show the gang organised internet traffic to attack the targeted companies before using instant messaging to blackmail them.

Security industry representatives say DDoS blackmail is a common form of cyber crime, typically aimed at companies that rely on their websites for their core business activities.

Four of the targeted firms transferred funds totaling more than £29,000 into bank accounts in mainland China, the Hong Kong paper said.

A source told The Standard some of the victims may have been involved in illegal activities themselves, which made them more willing to pay the blackmailers.

Hong Kong authorities said many SMEs may be willing to pay small sums when faced with internet blackmail to avoid having their business blocked.

But they urged corporations to look for better security back-up and facilities and to notify police once they are threatened with blackmail.

In April, a study revealed that financial services firms were targeted by three times as many DDoS attacks in the first quarter of 2012 than in the previous quarter.

In the face of increased DDoS attacks, organisations should seriously consider implementing one of the DDoS mitigation tools that are available in the market, said Carl Leonard, senior security research manager at web traffic filtering firm Websense.

Not only do such attacks disrupt websites, he said, they could also enable more serious attacks using information gathered by attackers in the process.

Ideally, organisations should ensure that, if they are hit by a DDoS attack, they are in a position to gather intelligence and build up a profile of the attackers to pass on to their IT and network teams, to help improve defences, said Leonard.

Read more on Hackers and cybercrime prevention