Latest online scams: pay, or get disconnected
September 24, 2004
Recently, another company felt the anger of online extortionists for not paying the money demanded. This time, it was online credit card processor Authorize.Net, a company providing payment-processing services for more than 91,000 small- to medium-size e-commerce firms.
The company, a business unit of data-processing company Lightbridge, experienced intermittent outages due to a flood of data from a large number of computers on the Internet, known as a distributed denial-of-service (DDoS) attack.
In a statement to users posted yesterday, Authorize.Net said it "continues to experience intermittent distributed denial of service (DDoS) attacks. Our system engineers have successfully minimized the impact of each attack and have quickly restored services to affected merchants. Industry experts are onsite and working with Authorize.Net to expedite a resolution. Please be aware that the stability and reliability of the Authorize.Net platform remains our top priority; and we are doing everything we can to restore and maintain secure transaction processing despite these unforeseen attacks."
The company received an extortion note a few days before the attacks began asking for a "substantial amount of money". "It was something that was sent to our general mailbox," says David Schwartz, the company's marketing director. He did not elaborate on how the money was to have been delivered or whether the note came from a source inside the United States.
The Authorize.Net attack follows the usual modus operandi of the DDoS extortionists, who kick off with blackmail threats before making various attempts to take a site offline using progressively more sophisticated techniques.
Online extortion has become increasingly common; companies that don't pay demands are faced with a flood of data attacks that disrupt their Internet service. "We have seen this in online gaming sites, in Web hosting and to some extent in financial services," said Tom Corn, vice president of product marketing at denial-of-service defense firm Mazu Networks. "We have seen a huge escalation," he added.
Tom believes denial-of-service attacks are no longer just the problem of Internet service providers. Companies that rely on the Internet need to make their own plans to deal with such attacks.
Worms such as MyDoom and Bagle (and Trojans such as Phatbot) surrender control of infected PCs to hackers. These expanding networks of zombie PCs (dubbed 'botnets' by the computer underground) are most often used for spam distribution, but they also serve as effective platforms for DDoS attacks. Attacks typically start with crude SYN Flood attacks. If that doesn't scare targets into paying, attackers resort to more sophisticated attacks (SYN Floods, UDP Floods, NB-Gets, ICMP Ping Floods and UDP Fragment Attacks). The effect on unprotected sites can be devastating.
In July of 2004, three men suspected of masterminding a cyber-extortion racket targeting online bookies were arrested in a joint operation between the UK's National Hi-Tech Crime Unit and its counterparts in the Russian Federation. The trio, who investigators reckon netted hundreds of thousands of pounds from the shakedowns, were picked up in a series of raids both in St Petersburg, and in the Saratov and Stavropol regions in southwest Russia.