A “distributed denial of service” (DDoS) attack is “a malicious attempt to disable or interrupt service to a computer or website, usually by causing large amounts of internet traffic to be directed to the computer or website,” according to the U.S. Department of Justice website. By overwhelming a network with data, DDoS attacks block access for legitimate users and knocks web services offline.
This new form of cybercrime has been on the rise, with it resulting in more than $11 million in losses to victims of DDoS attacks last year, the FBI’s Internet Crime Complaint Center reports.
A recent case in January 2018 highlights the concerning threat of DDoS attacks, and how they can be done by anyone, such as disgruntled ex-employees, not just experienced individuals.
New Mexico resident John Kelsey Gammell, 46, pleaded guilty in St. Paul, Minnesota, to engaging in and directing DDoS attacks against websites of former employers, companies that declined to hire him, competitors of Gammell’s business, and public services such as law enforcement agencies and courts. He pleaded guilty to one count of conspiracy to commit intentional damage to a protected computer and two counts of being a felon-in-possession of a firearm.
Some victims of the attack, which he launched from around July 2015 to March 2017, included point-of-sale system repair company and former employer Washburn Computer Group, the Minnesota State Courts, Dakota County Technical College, Minneapolis Community and Technical College, and the Hennepin County Sheriff’s Office. Washburn Computer Group states that Gammell’s attacks cost the company about $15,000.
Gammell is also accused of paying $19.99 to $199.99 in monthly payments to try bringing down web networks that included those of the Minnesota Judicial Branch, Hennepin County and several banks.
Gammell launched DDoS attacks by using programs from his own computers and by purchased subscriptions from seven “DDoS-for-hire” companies, including VDoS, CStress, Inboot, Booter.xyz and IPStresser. He avoided detection by using IP address anonymization services, using cryptocurrency for payment, and using encryption and drive-cleaning tools, and spoofing emails.
This case highlights the difficulty of finding the suspects of cyberattacks when they’re carried out by far-afield hackers who advertise their services online. Authorities might not have caught Gammell without finding the taunting emails he allegedly sent after attacks, according to the Star Tribune.
“In our environment it’s pretty clear now that every organization needs some sophisticated and expensive tools to mitigate these DDoS attacks,” said Chris Buse, Minnesota’s chief information security officer.