
Pay up or we'll destroy your site... (unless it's porn in which case, pay up and you'll destroy your own sight...)
Published: 12 November 2003 16:55 GMT
Gangs of cyber-hoods are terrorising businesses with the kind of protection rackets that form the basis of offline organised crimes.
The 'pay up or we'll burn down your bar' approach favoured by organised criminals worldwide has made the move online, with cyber-criminals threatening to destroy companies' online presence if they don't pay them off.
The most common and effective ploy being used by these criminals is the threat of a distributed denial of service attack (DDoS), which can take down a site by bombarding its servers with emails from a network of PCs all breached by a Trojan.
Part of the problem with these kinds of crimes is that it is almost impossible to gauge the full extent of the problem, because many companies would rather pay up and avoid the negative press which their case might attract if they reported it to police - and shareholders.
In the same way companies like to brush hacks and virus outbreaks under the carpet, many would be loath to publicly admit their systems are vulnerable.
Neil Barrett, technical director at Information Risk Management, who is an advisor to the UK police on high-tech crime, said: "Nobody knows the full extent of this problem. There has certainly been a significant increase in the number of denial of service attacks and the only sensible reason would seem to relate to extortion."
Barrett highlighted the problem of non-disclosure, stating that many companies may opt to comply with "pay up and don't tell the police"-style demands.
He said the sites targeted previously include internet gambling sites. But in theory any company conducting cash transactions with clients or customers is a target - criminals know many will look upon paying the ransom as the lesser 'evil' compared to running the risk that clients lose faith in the site's security.
As for who is committing these crimes, Barrett is convinced this is not a new breed of criminal.
"It's the same criminals, just with new tricks," he said, stating that previous investigations have implicated the Russian mafia, suggesting organised crime has realised there are rich pickings now to be had online.
"It's up to all of us to guard against this," said Barrett, explaining that the home PC infected with the Trojan which enables the DDoS attack is as important a cog in the criminals' machine as the site which is targeted.
"In the same way the police can't guard every shop on the high street, you can't guard every site on the internet. We all have to be a lot more vigilant."