The National Crime Agency (NCA) has arrested 12 people who allegedly used the Netspoof stresser software to take down websites and web servers.
The crackdown, part of Operation Vulcanalia, used intelligence gathered by the West Midlands Regional Cyber Crime Unit to uncover individuals and groups suspected of using the easy to purchase software to target gaming providers, government departments, internet hosting companies, schools and colleges.
"These attacks pose a huge economic cost to the economy. It is not a victimless crime," said senior investigating officer Jo Goodall, from the NCA's National Cyber Crime Unit.
"Smaller businesses have to absorb extra costs of DDoS protection services but every business hit by an attack can suffer reputational damage. It can cost very little to buy this illegal software so these attacks can now be launched by the relatively unskilled and almost anyone with a grievance."
The NCA cited research by Kaspersky, which revealed DDoS attacks can cost large enterprises more than 1.3 million, while smaller companies are losing up to 84,000 in lost revenues and reputation when they become the victim of a DDoS attack.
"The scale of the problem is truly global. It requires worldwide co-operation, which we have seen on this job with the focus on arresting those who won't change their ways, and trying to prevent those who will from future offending," Goodall added.
Part of Operation Vulcanalia is educating younger hackers about the damage such attacks can cause, issuing cease and desist notices rather than arresting young offenders.
"Many IT enthusiasts get involved in seemingly low-level fringe cyber crime activities from a young age, unaware of the consequences that such crimes carry," Europol's Steven Wilson said. "One of the key priorities of law enforcement should be to engage with these young people to prevent them from pursuing a criminal path."
The crackdown resulted in 12 arrests, 30 cease and desist notices issued, the seizure of computers from 11 suspects, one protective visit made and two cautions issued.
Of the 12 arrests, nine were men and eight were men aged between 18 and 30.
-
Bigger salaries, more burnout: Is the CISO role in crisis?In-depth CISOs are more stressed than ever before – but why is this and what can be done?
-
Cheap cyber crime kits can be bought on the dark web for less than $25News Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
UK crime fighters wrangle “several thousand” potential cyber criminals in DDoS-for-hire honeypotNews The sting follows a recent crackdown on DDoS-for-hire services globally
-
US begins seizure of 48 DDoS-for-hire services following global investigationNews Six people have been arrested who allegedly oversaw computer attacks launched using booters
-
Will triple extortion ransomware truly take off?In-depth Operators are now launching attacks with three extortion layers, but there are limitations to this model
-
GoDaddy web hosting reviewReviews GoDaddy web hosting is backed by competitive prices and a beginner-friendly dashboard, and while popular, beware of hidden prices
-
Japan investigates potential Russian Killnet cyber attacksNews The hacker group has said it’s revolting against the country’s militarism and that it’s “kicking the samurai”
-
LockBit hacking group to be 'more aggressive' after falling victim to large-scale DDoS attackNews The ransomware group is currently embroiled in a battle after it leaked data belonging to cyber security company Entrust
-
Record for the largest ever HTTPS DDoS attack smashed once againNews The DDoS attack lasted 69 minutes and surpassed the previous record of 26 million RPS
-
Cloudflare unveils new One Partner Program with zero trust at its coreNews Cloudflare CEO Matthew Prince says the initiative aims to take the complexity out of zero trust architecture
