Large DDoS, small extortion

manning bmanning at
Thu May 22 17:22:24 UTC 2014

negotiation is fine…  a weakness is presuming to know what the perp wants  (and many times they don;t know themselves)
so engagement is good  “The Cuckoo's Egg”  is worth the read…


On 22May2014Thursday, at 8:23, Livingood, Jason <Jason_Livingood at> wrote:

> On 5/22/14, 12:51 AM, "Beleaguered Admin" <dealing.with.ddos at>
> wrote:
>> This has been going on for a long time -- almost every detail is
>> exactly the same as what is described here:
>> taking-it-offline-for-days/
>> He is in regular communication (via whois info and other collected
>> contact data) asking for <$1000 USD sums to stop the attacks.
> That article said that the company didn¹t want to negotiate with
> criminals. As an aside I spent some time with a retired hostage negotiator
> on Tuesday (which was fascinating BTW). He actually said negotiation is
> always useful and sometimes paying a ransom demand can serve as a method
> to track where the money goes, to identify all the actors involved for
> later action (which may apply in this case). And sometimes financial
> demands are dropped as a result of negotiation.
>> Is it worth talking to law enforcement?  Some of these have been >500k
>> costs to the customer, but we assume the person doing it isn't in any
>> western country, so maybe it doesn't even matter?
> You may find the law enforcement more interested in engaging within you
> than you might think.
> Jason

More information about the NANOG mailing list