Police infiltrate shady DDoS-as-a-service marketplace DigitalStress
Officers "covertly and overtly accessed" communication platforms to spy on would-be attackers' conversations
The UK’s National Crime Agency has infiltrated and disrupted a DDoS for hire site called DigitalStress.
The operation, carried out in partnership with the Police Service of Northern Ireland, followed the PSNI’s arrest of one of the site’s suspected controllers earlier in July.
The NCA said it had taken over the site, disabled it, and replaced it with a mirror site. It has also “covertly and overtly accessed communication platforms being used to discuss launching DDoS attacks, telling and showing the users of these platforms that nowhere is safe for cyber criminals to talk about their criminal activity.”
The NCA said: “User information will now be analysed by the NCA for law enforcement action, and data relating to overseas users will be passed to international law enforcement.
Paul Foster, the NCA’s deputy director, and head of its National Cyber Crime Unit, said in a statement, “Anyone using these services while our mirror site was in place has now made themselves known to law enforcement agencies around the world.”
He added that the NCA was “at the forefront of developing innovative tools and techniques which can be used as part of a sustained programme of activity to disrupt and undermine cybercriminal services and protect people in the UK.”
DDoS attacks – and attackers - might be relatively unsophisticated in the hierarchy of cybercrime. However, they’re an easy way for those with bad intentions to cause mischief, irritation, and, if they’re so-minded, serious disruption.
Cloudflare’s most recent DDoS threat report logged 4.5 million attacks in the first quarter of the year, a 50% rise on the year.
It noted that attacks on Sweden were up 466% following the country’s acceptance into NATO, illustrating how nation-states, or at least state-aligned actors, can turn on the taps.
France was forced to stand up a special crisis centre in March to fend off a wave of DDoS attacks on government infrastructure. This was seen as a harbinger of a cyber storm headed for the country as it prepares to open the doors to the Paris Olympics on Friday.