Spamhaus DDoS Attacker Loses 'Catch Me If You Can' Game with Authorities

By

You likely already know that Spanish authorities have arrested the 35-year-old Dutchman hacker known as “SK,” who was responsible for the largest Distributed Denial of Service (DDoS) attack in March on the not-for-profit Internet organization Spamhaus, a London and Geneva-based group that helps email providers filter out spam and other unwanted content. He was apprehended a few days ago in the city of Granollers, 20 miles (35km) north of Barcelona.

The subject of an intensive search by U.S., U.K., Dutch and Spanish investigators, SK is a member of the “Cyberbunker” group that believes anything but child pornography and terrorism is fair game for publication on the Internet. The suspect is expected to be extradited from Spain to be tried in the Netherlands.

The good news is authorities got their man. In fact, when captured as the perpetrator of launching what is being called the largest DDoS attack in history (300Gbps as opposed to a typical attack of 50Gbps) on Spamhaus, he self-identified as belonging to the "Telecommunications and Foreign Affairs Ministry of the Republic of Cyberbunker." The not-so-good news is the level of sophistication SK employed to accomplish his malicious feat.

For decades, mobility has been a tool for those trying to elude surveillance or capture, going all the way back to the Cuban Missile Crisis when nuclear-armed missiles were put on trucks and shuttled between bunkers to elude U.S. reconnaissance.

SK did not just use a vehicle to evade capture, he actually had a van outfitted to launch and sustain his attack. In fact, the Spanish interior minister said SK was able to carry out network attacks from the back of a van that had been "equipped with various antennas to scan frequencies." This is an illustration of just how ingenuous the bad guys have become in their use of mobile technology.

The coordinated attack on Spamhaus, in protest over its decision to add servers maintained by Cyberbunker to a spam blacklist, opens a new chapter in keeping up with the bad actors. Cyberbunker, named for the former bunker it uses as its headquarters, has unfortunately not just gone mobile, but has provided a new means for others to copy.

This time the authorities got their man in a relatively short period of time. Given how quickly SK was placed in custody hopefully puts others with similar intent on notice that, while they can run, they cannot hide.   




Edited by Alisen Downey
SHARE THIS ARTICLE
Related Articles

How Real is Telecom Network Transformation: From Legacy to Leading Edge by When?

By: Cynthia S. Artin    11/7/2018

Last week, ABI Research issued its latest report and forecasts in the network orchestration domain, asserting that while a disruption in orchestration…

Read More

What's New in Artificial Intelligence

By: Paula Bernier    11/5/2018

A brief look at what's new in the world of artificial intelligence as it relates to IT operations; customer engagement; marketing analytics; and cloud…

Read More

IBM Makes $34B Bet with Red Hat

By: Paula Bernier    10/29/2018

IBM plans to purchase Red Hat in a $34 billion deal. Big Blue says its combination with the open source pioneer will establish it as the world's No. 1…

Read More

Coding and Invention Made Fun

By: Special Guest    10/12/2018

SAM is a series of kits that integrates hardware and software with the Internet. Combining wireless building blocks composed of sensors and actors con…

Read More

Facebook Marketplace Now Leverages AI

By: Paula Bernier    10/3/2018

Artificial intelligence is changing the way businesses interact with customers. Facebook's announcement this week is just another example of how this …

Read More