Federal prosecutors have charged six men with waging a DDoS attack wave on websites worldwide.
DDoS stands for “distributed denial-of-service,” or attacks that bombard targeted computers with information, blocking them from accessing the internet.
In this case, the Justice Department seized 48 internet domains connected to some of the world’s foremost DDoS-for-hire services, while also charging six men for overseeing computer attack platforms commonly referred to as “booter” services.
“Booter services such as those named in this action allegedly attacked a wide array of victims in the United States and abroad, including educational institutions, government agencies, gaming platforms, and millions of individuals,” the Justice Department said in a Wednesday (Dec. 14) news release.
“In addition to affecting targeted victims, these attacks can significantly degrade internet services and can completely disrupt internet connections.”
The FBI has charged six men from California and Alaska for operating the scheme, which included services that claimed to offer “stresser” tools for network testing.
However, investigators found these claims were false, due to communications between booter site administrators and customers that “make clear that both parties are aware that the customer is not attempting to attack their own computers,” according to court documents.
The charges come as businesses are becoming more aware of the cyber threats they face, a topic PYMNTS explored earlier this week in a conversation with Ofer Brown, general manager of Israel and APAC at cybersecurity firm nsKnox.
“Cybersecurity was a domain once limited to cybersecurity conferences. But today, cybersecurity and risk are [widely] discussed in finance,” he said.
In addition, finance professionals have a growing awareness of compliance, especially as it relates to sanctions on banks in Russia, said Brown, adding that this has led to a rise in client requests to verify that funds are not being transferred to sanctioned bank accounts.
“Even banks find it hard to comply. And at the corporate level it’s much harder for them to connect to all the [sanctions accounts] lists out there,” he said, pointing to how nsKnox offers its corporate cybersecurity expertise to help clients validate the identity of suppliers.
And because most attacks are tied to information sharing through emails and PDF documents, Brown said his company has introduced a bank account certificate for its clients: “It’s an encrypted PDF with our technology embedded that you can share between two parties, and they can at any given time check that the account is correct and that you are the owner.”