Two Polish men arrested in London for running DDoS attack

cyber-attacks-show-need-for-regulationTwo Polish men who have been identified as Piotr Smirnow and Patryk Surmacki now find themselves in hot water after both were arrested at Heathrow airport in London earlier this week over their alleged involvement in threatening the Club World Casino with a distributed denial-of-service (DDoS) attack.

The 31-year old Smirnow and the 35-year old Surmacki, natives of Warsaw and Szczecin, respectively, have since been detained and questioned by Machester authorities for their supposed roles in launching a 36-hour denial-of-service attack against the Manchester-based online casino earlier this month. The pair have likewise appeared before Uxbridge Magistrates in west London where they were accused of two offenses of blackmail and one offense of unauthorized acts on computers under the 1990 Computer Misuse Act.

As with almost all cases involving a DDoS attack, cyber blackmailers threaten a specific website, usually one that offers a specific service, of flooding it with traffic, thereby ensuring that no genuine customers can have access to the site being attacked. In some instances, such an attack causes a website to lose a significant chunk of revenue, as is the case with an online casino like the Club World Casino. Once under siege by a botnet of computers that causes significant website traffic, the site is effectively paralyzed from offering any of its online services, which in this case, is online gambling.

The only way cases like this are often remedied is when the under attack company pays a financial figure at the behest of these blackmailers, something the two Polish men are accused of doing to the Club World Casino.

“This investigation centers on an allegation that the on-line company was blackmailed,” Detective Inspector Chris Mossop, of the Greater Manchester Police’s Serious Crime Division, said. “As part of this blackmail attempt, one of the company’s websites was made temporarily unavailable by the offenders.”

Online gambling sites are far from the only victims of this kind of cyber extortion, although most of these cases involve similar kinds of financially-driven sites that rely on monetary transactions from their genuine customers to earn its revene. Complicating matters is the apparent lack of importance placed on location when running these extortion attempts. As a cyber rime by nature, attackers don’t have to be within the vicinity of a target site to pull off these attacks. They could be half-way around the world, sipping on a mug of hot cocoa while attacking a site based dozens of time zones away and nobody would be the wiser.

Fortunately, these two Polish men accused of running a DDoS attack on the Club World Casino forgot that memo, otherwise they wouldn’t have been caught and brought into questioning on suspicion of their involvement in the crime in an airport that, compared to other cases, is a stone’s throw away from the headquarters of the online casino it attacked.

Both Smirnow and Surmacki are still being held in custody and are awaiting a new hearing next week.