[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Large DDoS, small extortion
I could attribute a fair number of misdeeds to that book. ;)
On 5/22/14, 10:22 AM, "manning" <bmanning at karoshi.com> wrote:
>negotiation is fineâ?¦ a weakness is presuming to know what the perp wants
> (and many times they don;t know themselves)
>so engagement is good â??The Cuckoo's Eggâ?? is worth the readâ?¦
>
>/bill
>
>
>On 22May2014Thursday, at 8:23, Livingood, Jason
><Jason_Livingood at cable.comcast.com> wrote:
>
>> On 5/22/14, 12:51 AM, "Beleaguered Admin" <dealing.with.ddos at gmail.com>
>> wrote:
>>
>>> This has been going on for a long time -- almost every detail is
>>> exactly the same as what is described here:
>>>
>>>http://techcrunch.com/2014/03/03/meetup-suffering-significant-ddos-attac
>>>k-
>>> taking-it-offline-for-days/
>>>
>>> He is in regular communication (via whois info and other collected
>>> contact data) asking for <$1000 USD sums to stop the attacks.
>>
>> That article said that the company didn¹t want to negotiate with
>> criminals. As an aside I spent some time with a retired hostage
>>negotiator
>> on Tuesday (which was fascinating BTW). He actually said negotiation is
>> always useful and sometimes paying a ransom demand can serve as a method
>> to track where the money goes, to identify all the actors involved for
>> later action (which may apply in this case). And sometimes financial
>> demands are dropped as a result of negotiation.
>>
>>> Is it worth talking to law enforcement? Some of these have been >500k
>>> costs to the customer, but we assume the person doing it isn't in any
>>> western country, so maybe it doesn't even matter?
>>
>> You may find the law enforcement more interested in engaging within you
>> than you might think.
>>
>> Jason
>>
>