Spamhaus DDoS Attacker Loses 'Catch Me If You Can' Game with Authorities

By

You likely already know that Spanish authorities have arrested the 35-year-old Dutchman hacker known as “SK,” who was responsible for the largest Distributed Denial of Service (DDoS) attack in March on the not-for-profit Internet organization Spamhaus, a London and Geneva-based group that helps email providers filter out spam and other unwanted content. He was apprehended a few days ago in the city of Granollers, 20 miles (35km) north of Barcelona.

The subject of an intensive search by U.S., U.K., Dutch and Spanish investigators, SK is a member of the “Cyberbunker” group that believes anything but child pornography and terrorism is fair game for publication on the Internet. The suspect is expected to be extradited from Spain to be tried in the Netherlands.

The good news is authorities got their man. In fact, when captured as the perpetrator of launching what is being called the largest DDoS attack in history (300Gbps as opposed to a typical attack of 50Gbps) on Spamhaus, he self-identified as belonging to the "Telecommunications and Foreign Affairs Ministry of the Republic of Cyberbunker." The not-so-good news is the level of sophistication SK employed to accomplish his malicious feat.

For decades, mobility has been a tool for those trying to elude surveillance or capture, going all the way back to the Cuban Missile Crisis when nuclear-armed missiles were put on trucks and shuttled between bunkers to elude U.S. reconnaissance.

SK did not just use a vehicle to evade capture, he actually had a van outfitted to launch and sustain his attack. In fact, the Spanish interior minister said SK was able to carry out network attacks from the back of a van that had been "equipped with various antennas to scan frequencies." This is an illustration of just how ingenuous the bad guys have become in their use of mobile technology.

The coordinated attack on Spamhaus, in protest over its decision to add servers maintained by Cyberbunker to a spam blacklist, opens a new chapter in keeping up with the bad actors. Cyberbunker, named for the former bunker it uses as its headquarters, has unfortunately not just gone mobile, but has provided a new means for others to copy.

This time the authorities got their man in a relatively short period of time. Given how quickly SK was placed in custody hopefully puts others with similar intent on notice that, while they can run, they cannot hide.   




Edited by Alisen Downey
SHARE THIS ARTICLE
Related Articles

Coding and Invention Made Fun

By: Special Guest    10/12/2018

SAM is a series of kits that integrates hardware and software with the Internet. Combining wireless building blocks composed of sensors and actors con…

Read More

Facebook Marketplace Now Leverages AI

By: Paula Bernier    10/3/2018

Artificial intelligence is changing the way businesses interact with customers. Facebook's announcement this week is just another example of how this …

Read More

Oct. 17 Webinar to Address Apache Spark Benefits, Tools

By: Paula Bernier    10/2/2018

In the upcoming webinar "Apache Spark: The New Enterprise Backbone for ETL, Batch and Real-time Streaming," industry experts will offer details on clo…

Read More

It's Black and White: Cybercriminals Are Spending 10x More Than Enterprises to Control, Disrupt and Steal

By: Cynthia S. Artin    9/26/2018

In a stunning new report by Carbon Black, "Hacking, Escalating Attacks and The Role of Threat Hunting" the company revealed that 92% of UK companies s…

Read More

6 Challenges of 5G, and the 9 Pillars of Assurance Strategy

By: Special Guest    9/17/2018

To make 5G possible, everything will change. The 5G network will involve new antennas and chipsets, new architectures, new KPIs, new vendors, cloud di…

Read More