Large DDoS, small extortion

Roland Dobbins rdobbins at
Fri May 23 17:38:49 UTC 2014

On May 24, 2014, at 12:13 AM, Barry Shein <bzs at> wrote:

> Some reasonable-sounding suggestions could be counter-productive or even downright dangerous (depending on the nature of the attacker.) Or a waste of time.

Sure.  Every circumstance is different.  But there is *one* universal rule

Never pay.  

Never, under any circumstances, pay.  Not even if you've persuaded the Men from U.N.C.L.E. to help you, and they suggest you pay because they think they can trace the money, do not pay.

Why not?

Because, irrespective of what happens with this one attacker, you will be swarmed by countless others.  Attackers brag when they're paid; they'll exaggerate how much they received, and then you have a much bigger problem.

So, yes - one's own experiences and what one did and how one did it and why one did it and how it turned out are very valuable to share.

But never, under any circumstances, for any reason, no matter who advises you to do so, should you pay.

Roland Dobbins <rdobbins at> // <>

                   Equo ne credite, Teucri.

    		   	  -- Laocoön

More information about the NANOG mailing list