[ISN] Net crime gangs hit gambling sites

From: William Knowles (wk@private)
Date: Fri Jan 30 2004 - 05:51:37 PST

  • Next message: William Knowles: "[ISN] Microsoft offers reward for MyDoom.B leads"

    http://www.reuters.co.uk/newsArticle.jhtml?type=internetNews&storyID=4237306
    
    By Bernhard Warner
    European Internet Correspondent
    29 January, 2004 
    
    LONDON (Reuters) - Organised crime gangs are shaking down Internet
    betting sites on the eve of American football's Super Bowl,
    threatening to unleash a crippling data attack unless they pay a
    "protection" fee, police and site operators said.
    
    The National Hi-Tech Crime Unit (NHTCU) told Reuters it is
    investigating a series of attacks and threats of attacks on companies
    in the United Kingdom.
    
    But security experts say sites based in the Caribbean and continental
    Europe have also been targeted.
    
    "These are not groups of amateur hackers -- great deals of money are
    changing hands," said an NHCTU spokesman. "These are for-profit crimes
    and all intelligence suggests that organised crime is involved."
    
    One such target is Curacao-based VIP Management Services, which runs
    seven gambling sites including www.VIPSports.com and
    www.Betgameday.com.
    
    "We were first targeted in September and have been under intermittent
    attack ever since," said Alistair Assheton, managing director of the
    privately held six-year-old firm.
    
    E-XTORTION ARTISTS
    
    The so-called denial-of-service attacks, which can disable a corporate
    data network with a barrage of bogus data requests, are a standard
    tool for hackers aiming to knock out a site.
    
    Lately, police say, crime gangs have adapted it to extort businesses.  
    Security experts and police said they believe the gangs are based in
    Eastern Europe and Russia, taking advantage of the region's weak cyber
    crime laws and its legions of savvy programmers.
    
    Assheton said that on Monday he received the latest threat via e-mail.  
    It was a demand for $30,000 (16,435 pounds) to be wired via Western
    Union to the extortionist's account or risk being hit. "They
    essentially said 'pay up or you will go down for the Super Bowl,'" he
    said.
    
    Police sources said this type of cyber "protection racket" has grown
    in recent months. The risk of being knocked offline by a digital
    attack on Super Bowl weekend, one of the busiest betting periods of
    the year, could doom a gambling site.
    
    Jeffrey Weber, who writes an online news letter dedicated to the
    industry, called www.Alltopsportsbooks.com, estimated an outage of a
    few hours is costly. "That's $500,000 to $1 million dollars worth of
    action wiped out in one shot," he said.
    
    PAY UP -- OR ELSE
    
    Reuters obtained a copy of an e-mail extortion threat distributed
    earlier this month. It demanded sites pay $15,000 for six months'
    worth of protection.
    
    "If you wait to make a deal with us when the attacks start, it will
    cost you $25,000 for six months protection and the lost revenues as
    your site will stay down until the $25,000 is received," the e-mail
    threat said.
    
    Weber said a number of small sites have paid up, calculating it would
    be cheaper than going dark during a busy period. "It's almost like the
    criminal elements of the neighbourhood bookmakers has merged with the
    world of online bookmakers," he said.
    
    Noting the relatively small sums demanded -- to ensure the victim does
    not go out of business and can continue to pay up -- security and law
    enforcement sources said they believe this is the work of gangs with
    experience in such shakedown schemes.
    
    "This is very professional," said one security expert.
    
    The Net crime wave is not exactly new. Extortionists and crime groups
    have targeted businesses of all sizes since the early days of
    e-commerce.
    
    Law enforcement has been hampered because until recently companies
    were reluctant to report the incidents for fear of hurting their
    business reputation. Police hope a recent spirit of cooperation will
    help their cause.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomo@private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Fri Jan 30 2004 - 09:11:18 PST