Man Jailed for Attacking Millions of Websites
A man who launched millions of separate attacks on websites has been jailed for 13 months for conspiracy to damage Internet-connected computers. Sergiy Usatyuk, who is 20, offered an attacks-for-hire service using Distributed Denial of Service (DDoS) tactics.
A Denial Of Service attack is a crude but often effective technique that simply involves flooding a site with bogus "visits" until the web server becomes overloaded, which then causes the website to become inaccessible for ordinary users. It's roughly equivalent to tying up a company's switchboard with prank calls.
The "distributed" element involves building a network of computers - usually hijacked remotely by malware - that can work together to unleash such an attack. That can make it more difficult to defend against as it becomes harder to figure out which site visits are legitimate and which are part of the attack.
300,000 Attacks A Month
Usatyuk, who is a US citizen, partnered with an unnamed Canadian to operate Exostress, a "service" that people could hire to carry out DDoS attacks. Prosecutors say that it operated for 27 months and in the first 13 months alone Exostress carried out 3,829,812 attacks. (Source: theregister.co.uk)
The illegal service appears to have been incredibly cheap, with the average revenue from an attack being a matter of pennies. It was a numbers game, however, with Usatyuk and his partner making an estimated $550,000.
Prosecutors detailed two of the victims. One was a school district, with knock-on effects impacting the county's government and a local Catholic diocese. Another attack brought down the servers of an online videogame, with an estimated cost to the game manufacturer of $164,000.
No Stranger To DDoS Allegations
Usatyuk will now forfeit a computer, cell phone, seven hard drives and three dozen servers which he used to carry out the attacks.
It's not the first time Usatyuk has been linked to in such attacks. Security reporter Brian Krebs recalled interviewing the then 15-year-old after he posted a series of messages on a hacker forum discussing DDoS techniques. At the time Ustayuk denied carrying out attacks. (Source: krebsonsecurity.com)
What's Your Opinion?
Is the 13-month sentence adequate? What's more important in deciding the punishment: how much money Usatyuk made or how much damage he caused? Should officials put strong efforts into finding the people who hired the service?
Most popular articles
- Which Processor is Better: Intel or AMD? - Explained
- How to Prevent Ransomware in 2018 - 10 Steps
- 5 Best Anti Ransomware Software Free
- How to Fix: Computer / Network Infected with Ransomware (10 Steps)
- How to Fix: Your Computer is Infected, Call This Number (Scam)
- Scammed by Informatico Experts? Here's What to Do
- Scammed by Smart PC Experts? Here's What to Do
- Scammed by Right PC Experts? Here's What to Do
- Scammed by PC / Web Network Experts? Here's What to Do
- How to Fix: Windows Update Won't Update
- Explained: Do I need a VPN? Are VPNs Safe for Online Banking?
- Explained: VPN vs Proxy; What's the Difference?
- Explained: Difference Between VPN Server and VPN (Service)
- Forgot Password? How to: Reset Any Password: Windows Vista, 7, 8, 10
- How to: Use a Firewall to Block Full Screen Ads on Android
- Explained: Absolute Best way to Limit Data on Android
- Explained: Difference Between Dark Web, Deep Net, Darknet and More
- Explained: If I Reset Windows 10 will it Remove Malware?
My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 30 years experience; I also run this website! If you need technical assistance , I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).
We are BBB Accredited
We are BBB accredited (A+ rating), celebrating 21 years of excellence! Click to view our rating on the BBB.
Comments
DoDS hacks or other intentional disruptions
No sentence can adequately punish these people short of a long (10 years?) prison term. A prison term bereft of any access to the internet, cellphone or computer.
restitution for the monetary damages inflicted due to their activities would never be realized, of course.
Jim-in-Kansas