A 26-year-old Russian man from the Sayansk city in the region of Irkutsk has been sentenced to 2 years’ probation for launching massive distributed denial-of-service (DDOS) attacks against various websites.
Cybercrime investigation company Group-IB worked with Russia’s Ministry of Interior to track down the man. More precisely, Group-IB has handled the identification, collection, and preservation of evidence.
Authorities started investigating the Russian, who hasn’t been named, after he launched an attack on the systems of a large financial organization that owned a number of banks.
The cybercriminal was actually renting DDOS services to others, and he advertised them on underground hacking forums. His services were contracted by Russians, citizens of former Soviet Republics, and even people in the United Kingdom.
The Dragon botnet was used to launch the attacks against the targeted companies.
The suspect was arrested back in the autumn of 2012. In December 2012, Group-IB revealed that he was getting ready to attack the website of a major industrial organization when police raided his home.
His illegal operations are said to have caused damages of hundreds or thousands of Russian rubles.
The man pleaded guilty and provided investigators information on how he launched the attacks.
Dmitry Volkov, head of the Group-IB Investigation Department, recommends organizations to think about contracting DDOS protection services because such attacks are becoming more common.
It appears that many Russians convicted for launching DDOS attacks evade jail time. Back in December 2013, a 31-year-old from Krasnoyarsk was sentenced to 1.5 years’ probation for taking part in a DDOS attack launched by Anonymous hackers against the website of Russia’s presidency in May 2012, shortly after Putin was named president.
In the case of the Krasnoyarsk man, he took part in an online protest along with many other hacktivists, so it’s no wonder that he got probation. However, the individual from Sayansk actively engaged in criminal activities and caused serious damage to many organizations, so it’s a bit surprising to learn that he only got 2 years’ probation.
In the US, punishments for those who launch DDOS attacks are tougher than in Russia. For instance, a 22-year-old from Missouri was sentenced to 36 months’ probation for taking part in a hacktivist operation against Angel Soft, a Koch Industries subsidiary. Other participants in the campaign got similar sentences.
In January 2013, two Anonymous hackers from the UK got jail sentences for DDOS attacks against PayPal back in 2010.