Justice Department hopes to disrupt ‘dumbest tradition ever’ with latest DDoS seizure
Law enforcement may have just ruined what’s become a holiday tradition for cybercriminals who spend Christmas knocking gaming websites offline.
The U.S. Department of Justice announced on Thursday that officials had seized 15 internet domains that made it possible for web users to launch distributed denial-of-service attacks, which render software inaccessible by flooding targets with fake traffic.
The sites involved in the takedown were known as “booter” and “stresser” websites, which enabled users to easily launch DDoS attacks like the kinds that have hit Sony’s PlayStation and Microsoft’s Xbox services in recent Christmas seasons. Prosecutors also charged two men with conspiring to violate the Computer Fraud and Abuse Act by allegedly operating DDoS-for-hire services known as Downthem and Ampnode.
In another case, investigators charged a 23-year-old Pennsylvania man with operating a criminal service that was used to launch more than 50,000 attacks in 2018 alone.
“The attack-for-hire websites targeted in this investigation offered customers the ability to disrupt computer networks on a massive scale, undermining the internet infrastructure on which we all rely,” said U.S. Attorney Nicola T. Hanna of the Central District of California, in a statement.
The crackdown was the product of collaboration between law enforcement and internet companies including Akamai, Google, Cloudflare, Oracle and others, the Justice Department said in a statement. It’s the latest example of firms working together to fend off DDoS attacks that have worsened in the past four or five years, said Allison Nixon, director of security research at Flashpoint, which was involved in the effort.
While DDoS operators advertise their services as a way for frustrated customers to lash out at faceless corporations, the attacks typically result in security staff working over the holidays, Nixon added.
“It’s like the dumbest tradition ever,” she said. “The reality is that the investors and higher-ups never deal with this. It’s the worker bees and the people who are responsible for keeping the network up, and the salaried employees who probably don’t even get overtime on Christmas.”
It’s impossible to predict whether cybercriminals will launch a successful attack again this year. But years of attention on the issue and informal information-sharing networks between researchers have created positive momentum, Nixon said.
“These types of DDoS attacks always come back to rear their head but the severity of the problems are being reduced more quickly,” she said.