by CIO Staff

Cyber-Blackmailers Hit With Heavy Sentence

Oct 05, 20062 mins

gavels on a table governance compliance legal
Credit: Thinkstock

Three Russians who succeeded in extorting money from online gambling websites based in the United Kingdom have each been handed an eight-year jail sentence.

According to Russian news sources, Ivan Maksakov, Alexander Petrov and Denis Stepanov used botnet-derived distributed denial-of-service (DDoS) attacks, and follow-up threats, to persuade targeted businesses to pay up to 2 million pounds (about US$4 million).

Prosecutors said the men, based in the Saratov region, had conducted 54 attacks on servers in 30 countries over a six-month period in 2003.

One particular attack involved attempting to blackmail U.K.-Australian betting site Canbet during the important Breeders’ Cup horse race. The company refused the men’s demand for $10,000, and was hit with a successful DDoS attack that made servers inaccessible and cost a claimed $200,000 a day.

Canbet then agreed to pay the ransom into a Latvian bank account, after which it was still attacked. This appears to have been the men’s downfall, as the company subsequently decided to report the blackmail to the United Kingdom’s National High-Tech Crime Unit (NHTCU), now part of the U.K. Serious Organised Crime Agency (SOCA). Interpol and the Russian police were enlisted to track down the crooks.

The case is believed to be an interesting one. According to a blog on the topic by Russian security company Kaspersky, such crimes have rarely come to court or have been looked on leniently. The relative severity of the sentence could reflect a change in tack by Russian authorities, sensitive to accusations that the country has become a hot zone for cyber-criminality.

“DoS attacks were the scourge of the Internet between 2002 and 2004. However, we’ve noticed a real drop in the number of attacks, and it could be said that this type of cyber crime is already pretty much extinct,” the blog said.

Equally, as Kaspersky reported earlier this year, Russian-created Trojans that encrypt data before demanding payments have started a disturbing new blackmailing trend of their own. Unlike conventional blackmailing attempts, Trojans afford more anonymity.

-John E. Dunn, (London)