Large DDoS, small extortion

Roland Dobbins rdobbins at
Fri May 23 18:18:01 UTC 2014

On May 24, 2014, at 1:09 AM, Barry Shein <bzs at> wrote:

> What is this based on other than your subsequent "common sense" reasoning? (directly below)

I've been involved in helping people who've paid.  It didn't turn out well (obviously, or they wouldn't need help, heh).

> By "irrespective of what happens" do you include your earlier suggestion that the attacker might be traced and arrested?

Yes - it doesn't matter even if attacker #1 is traced and arrested (which doesn't happen often, and takes lots and lots of time), if you're now busy dealing with attackers #2 - N.

I've never, ever heard of an LEO recommending that someone pay in these particular circumstances - i.e., DDoS extortion.  I doubt one ever would.  But if one did, I personally wouldn't follow that particular recommendation, and would urge others to seriously think before doing it.

Roland Dobbins <rdobbins at> // <>

                   Equo ne credite, Teucri.

    		   	  -- Laocoön

More information about the NANOG mailing list