After being warned about the potential damage that “DDoS for hire” services can do to the national communication infrastructure over a year ago, FBI has finally brought down 15 of the worst of them. This seizure followed a long-term and widespread investigation that was conducted with the collaboration of multiple agencies, including the UK’s National Crime Agency, the US Justice Department, the Dutch National Police, and data from Cloudflare, Google, and many others.
A DDoS (Distributed Denial of Service) attack involves the flooding of traffic coming to a server from various different sources, bringing the resource handling system to its knees, and finally resulting in service unavailability. The traffic comes in the form of superfluous requests that can easily overload servers, with some of the sites that FBI investigated exceeding 40 gigabits per second, which is more than enough to knock even the most robust server systems out for some time.
Among the 15 DDoS websites that were seized are the well-known downthem.org, defcon.pro, netstress.org, and vbooter.org. Three people who are charged as operators of these sites have already been prosecuted, and they are Matthew Gatrel and Juan Martinez from California, and David Bukoski who resides in Alaska. The defendants will now have to prove that their services were not ill-intended and that the DDoS services that they provided had the only goal of testing out how resilient corporate networks were against this type of attack. Of course, FBI’s investigation evidence leaves little margin for such claims as downthem.org for example, was found to have carried out over 200,000 attacks.
FBI’s seizure comes after a similar action launched by the European authorities earlier this year, which resulted in the seizure of the webstresser.org, a huge DDoS service provider that was allegedly responsible for more than six million DDoS attacks. Still, the internet and the infrastructure that supports its operation are still not safe, but taking out some of the largest players in this menacing field means that the DDoS attacks will be smaller in size and power, and as such, more manageable.