Spamhaus DDoS Attacker Loses 'Catch Me If You Can' Game with Authorities

By Peter Bernstein April 29, 2013

You likely already know that Spanish authorities have arrested the 35-year-old Dutchman hacker known as “SK,” who was responsible for the largest Distributed Denial of Service (DDoS) attack in March on the not-for-profit Internet organization Spamhaus, a London and Geneva-based group that helps email providers filter out spam and other unwanted content. He was apprehended a few days ago in the city of Granollers, 20 miles (35km) north of Barcelona.

The subject of an intensive search by U.S., U.K., Dutch and Spanish investigators, SK is a member of the “Cyberbunker” group that believes anything but child pornography and terrorism is fair game for publication on the Internet. The suspect is expected to be extradited from Spain to be tried in the Netherlands.

The good news is authorities got their man. In fact, when captured as the perpetrator of launching what is being called the largest DDoS attack in history (300Gbps as opposed to a typical attack of 50Gbps) on Spamhaus, he self-identified as belonging to the "Telecommunications and Foreign Affairs Ministry of the Republic of Cyberbunker." The not-so-good news is the level of sophistication SK employed to accomplish his malicious feat.

For decades, mobility has been a tool for those trying to elude surveillance or capture, going all the way back to the Cuban Missile Crisis when nuclear-armed missiles were put on trucks and shuttled between bunkers to elude U.S. reconnaissance.

SK did not just use a vehicle to evade capture, he actually had a van outfitted to launch and sustain his attack. In fact, the Spanish interior minister said SK was able to carry out network attacks from the back of a van that had been "equipped with various antennas to scan frequencies." This is an illustration of just how ingenuous the bad guys have become in their use of mobile technology.

The coordinated attack on Spamhaus, in protest over its decision to add servers maintained by Cyberbunker to a spam blacklist, opens a new chapter in keeping up with the bad actors. Cyberbunker, named for the former bunker it uses as its headquarters, has unfortunately not just gone mobile, but has provided a new means for others to copy.

This time the authorities got their man in a relatively short period of time. Given how quickly SK was placed in custody hopefully puts others with similar intent on notice that, while they can run, they cannot hide.   




Edited by Alisen Downey
SHARE THIS ARTICLE
Related Articles

Bloomberg BETA: Models Are Key to Machine Intelligence

By: Paula Bernier    4/19/2018

James Cham, partner at seed fund Bloomberg BETA, was at Cisco Collaboration Summit today talking about the importance of models to the future of machi…

Read More

Get Smart About Influencer Attribution in a Blockchain World

By: Maurice Nagle    4/16/2018

The retail value chain is in for a blockchain-enabled overhaul, with smarter relationships, delivering enhanced transparency across an environment of …

Read More

Facebook Flip-Flopping on GDPR

By: Maurice Nagle    4/12/2018

With GDPR on the horizon, Zuckerberg in Congress testifying and Facebook users questioning loyalty, change is coming. What that change will look like,…

Read More

The Next Phase of Flash Storage and the Mid-Sized Business

By: Joanna Fanuko    4/11/2018

Organizations amass profuse amounts of data these days, ranging from website traffic metrics to online customer surveys. Collectively, AI, IoT and eve…

Read More

Satellite Imaging - Petabytes of Developer, Business Opportunities

By: Doug Mohney    4/11/2018

Hollywood has programmed society into believing satellite imaging as a magic, all-seeing tool, but the real trick is in analysis. Numerous firms are f…

Read More