Large DDoS, small extortion
LarrySheldon at cox.net
Sun May 25 00:09:06 UTC 2014
On 5/24/2014 11:29 AM, Anne P. Mitchell, Esq. wrote:
>> Law enforcement and victims have different objectives. Law
>> enforcement wants to find the criminal, gather sufficient evidence
>> to prove their guilt, then prosecute them. More attacks helps law
>> The victims, in general, want the attacks to stop.
> Actually, our experience in this particular case (it is the same
> person(s) hitting all of the targets, even using the same email
> addresses, etc.) is that the victims want to find the guy too. In
> fact, I can say with a fair degree of certainty that the coordinated
> efforts of a dedicated group of "victims", who have come together
> without regards to the fact that they are otherwise 'competitors' in
> business, and who have furnished the agencies with useable technical
> information about the attacks, have given the agencies a substantial
> leg up in the investigation.
All that from a far greater authority than I.
But lest my weak words be misunderstood, I have no objection what ever
to providing technical information (and facilities, even)--it is ONLY
the paying of ransom that I object to. And I think I would say that if
I were the captive.
I think over the long haul the odds are that if you DO pay the ransom,
the victim will be dead anyway.
Requiescas in pace o email Two identifying characteristics
of System Administrators:
Ex turpi causa non oritur actio Infallibility, and the ability to
learn from their mistakes.
(Adapted from Stephen Pinker)
More information about the NANOG