Law enforcers across Europe and beyond have started the year as they mean to go on with a closely co-ordinated operation resulting in the arrest of a key target in connection with infamous DDoS Bitcoin extortion group DD4BC.
Europol revealed in a statement on Tuesday that Operation Pleiades had been a success, resulting in one arrest, the detention of another suspect, and the seizure of an “extensive amount of evidence” resulting from property searches.
The operation was carried out on 15 and 16 December by law enforcers from Austria, Bosnia and Herzegovina, Germany and the UK along with Europol. It was the UK’s Metropolitan Police Cyber Crime Unit (MPCCU) that apparently identified key members of the group in Bosnia.
Police in Australia, France, Japan, Romania, Switzerland and the US (FBI and Secret Service) were also involved, alongside Interpol, the statement continued.
DD4BC is well known for extorting money from online gambling, financial services, entertainment and other firms—threatening them with DDoS attacks unless they pay up in Bitcoins.
“These [cybercrime] groups employ aggressive measures to silence the victims with the threat of public exposure and reputation damage. Without enhanced reporting mechanisms law enforcement is missing vital means to protect companies and users from recurring cyber-attacks,” argued Europol deputy director of operations, Wil van Gemert.
“Police actions such as Operation Pleiades highlight the importance of incident reporting and information sharing between law enforcement agencies and the targets of DDoS and extortion attacks.”
Brian Honan, founder of BH Consulting and special adviser to Europol, welcomed the news as another example of law enforcers working well together across jurisdictional boundaries, and as a good lesson for victimized firms on why working with police should always be the preferred option.
“In the past, companies have been reluctant to share details of a security incident with law enforcement as they think there is little chance the criminals behind the attack will be brought to justice,” he told Infosecurity.
“But by working with law enforcement the information gathered, analysed, and shared can provide an overall picture of who the criminals are. So even if the attack your company is victim to does not yield immediate results, the information you share with law enforcement could be a vital clue in unraveling the overall puzzle as to who the criminals are and eventually lead to their arrest.”
Honan added that the arrest also showed cybercriminals can’t always hide behind anonymization tools and digital currencies.
Others warned this is unlikely to be the last of DDoS-based ransom demands.
“Distributed denial of service attacks are easier to pull off than ever, which is why we are seeing them increasingly used as a means of gaining leverage over businesses that are highly reliant on the internet,” argued A10 Networks product marketing director, Paul Nicholson.
“For organizations such as banks, financial institutions and even gambling websites, network downtime is equated with an immediate loss of revenue, which can lead them to give in to demands. Fortifying defenses must be these organizations’ top priority.”