Computer Extortion – Common Techniques

Attacking large corporate websites, either through sabotage because the attacker is a disgruntled employee or disagrees with the company’s ethos, or to extort money from the company, is becoming increasingly common. Large e-commerce sites are especially vulnerable since downtime on the website results in a huge loss of revenue and reputation. If extortion is involved, it is usually addressed via the offence of blackmail.

Section 21 of the Theft Act 1968 says:

(1) A person is guilty of blackmail if, with a view to gain for himself or
another or with intent to cause loss to another, he makes any unwarranted demand with menaces; and for this purpose a demand
with menaces is unwarranted unless the person making it does so in the belief
(1a) that he has reasonable grounds for making the demand; and
(1b) that the use of the menaces is a proper means of reinforcing
the demand.

(2) The nature of the act or omission demanded is immaterial, and it is
also immaterial whether the menaces relate to action to be taken by
the person making the demand.

(3) A person guilty of blackmail shall on conviction on indictment be
liable to imprisonment for a term not exceeding fourteen years.

Computer-related extortion is technically relatively easy to execute. The problem facing these blackmailers is how to collect the ‘reward’ without identifying themselves and being caught. A Denial of Service (DoS) attack consists of one computer sending another a rapid series of requests which the second ‘target’ computer cannot process properly, and as a result it ceases to work.

The clever attacker will hide his footprints when initiating these attacks by using either a VPN or a relay of proxies. A simple VPN, like this one used to watch the BBC iPlayer from Ireland, for example, makes the attacker very difficult to identify. Firstly, the real IP address is obscured, and secondly, the company doesn’t log any connections, making obtaining records from them virtually impossible.

Distributed Denial of Service (DDoS)

In a distributed denial of service attack, several computers working together send the commands to the ‘target’ computer. From the perpetrator’s perspective, DDoS has advantages over simple DoS in that the chances of overwhelming the target are much greater and the attack is much more difficult to stop.

If the attack comes from just one computer, then traffic from it can be filtered by reference to its IP address. If multiple computers are involved, blocking by IP address is much more difficult.

Botnets

A botnet is a large collection of computers that is used to mount a DDoS attack. The setting up of a botnet requires the would-be owner to send out a large number of emails or use a distribution method that contains back-door programs through which each computer can be controlled. Of course, many of these attempts at installing covert back doors will fail because they are picked up by anti-virus programs and/or the owner is suspicious of the email by which they arrive. Taken-over computers are sometimes referred to as ‘zombies’.

Once a large number of computers have been compromised by the success of the backdoor program, the botnet owner then runs a ‘herding’ program that issues simultaneous commands to all compromised computers. The most common control mechanism is via a modified form of Internet Relay Chat (IRC), though compromised peer-to-peer forms are also occurring.
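
The contrast drawn above between a single-source DoS, which can be filtered by IP address, and a DDoS, where that filter stops working, can be seen from the defender's side in the following added example (not part of the original article). The request records, thresholds and function name are constructed assumptions; the addresses come from documentation-only ranges.

```python
from collections import Counter

# Constructed sample traffic: (timestamp_seconds, source_ip) per request.
# 203.0.113.0/24 and 198.51.100.0/24 are reserved documentation ranges.
SINGLE_SOURCE = [(t / 100.0, "203.0.113.7") for t in range(900)] + \
                [(float(t), "198.51.100.%d" % (t + 1)) for t in range(10)]
DISTRIBUTED = [(float(i % 10), "198.51.100.%d" % (i % 200 + 1))
               for i in range(1000)]

# Assumed thresholds for illustration; real values depend on the site.
PER_IP_LIMIT = 50   # requests one client may send per window
CAPACITY = 500      # requests the server can process per window
WINDOW = 10.0       # window length in seconds


def classify(events, start=0.0):
    """Classify one window of traffic; return (verdict, ips_to_block)."""
    counts = Counter(ip for ts, ip in events
                     if start <= ts < start + WINDOW)
    total = sum(counts.values())
    if total <= CAPACITY:
        return "normal", []
    # Sources that individually exceed the per-client limit.
    heavy = sorted(ip for ip, n in counts.items() if n > PER_IP_LIMIT)
    remaining = total - sum(counts[ip] for ip in heavy)
    if heavy and remaining <= CAPACITY:
        # Filtering these addresses brings load back under capacity.
        return "single-source flood", heavy
    # Overloaded, but no small set of addresses accounts for it:
    # per-IP blocking alone will not restore service.
    return "distributed flood", heavy


if __name__ == "__main__":
    for name, data in (("single", SINGLE_SOURCE), ("ddos", DISTRIBUTED)):
        verdict, block = classify(data)
        print(name, "->", verdict, "| block:", block)
```

In the distributed sample each of the 200 sources sends only five requests, so none crosses the per-client limit even though the total is twice the server's capacity.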
