• Skip to primary navigation
  • Skip to main content
  • Skip to footer
WittySparks Logo White

WittySparks

Ignite Your Thoughts

  • Topics
  • Reviews
  • Subscribe
WittySparks / Technology / Operating System / Disgruntled ex-employees, DDoS attacks and the revenge of the nerds
DDos Attack or Threat and Security

Disgruntled ex-employees, DDoS attacks and the revenge of the nerds

Operating System November 27, 2017 by Nishitha

They say living well is the best revenge, but as so many of us have come to realize, it isn’t exactly satisfying. Even so, most people would agree living well is preferable to, say, living in prison for the sake of revenge, but for one disgruntled ex-employee, it was apparently a trade he was willing to make.

DDoS attacks have long been a go-to for tech-savvy companies willing to get their hands dirty, whether it’s revenge over business went bad or a straight-up strategy for taking underhanded aim at the competition. With how cheap and easy it’s become to use DDoS for hire services, pretty much anyone, tech-savvy or not, can do serious, long-term damage with a devastating cyberattack.

Browser DDoS Attack Heatmap
Incapsula mitigates a massive HTTP flood: 690,000,000 DDoS requests from 180,000 botnets IPs.

On this page

  • DDoDamage
  • An employee scorned
  • A dish best not served

DDoDamage

Distributed denial of service or DDoS attacks is perhaps unsurprisingly designed to deny a website’s services to its users. This is accomplished using a botnet’s collection of hijacked internet-connected devices to slam the target website’s server or infrastructure with malicious traffic, overwhelming it to the point that it’s too slow to be used or it’s offline altogether.

At one time, launching a DDoS attack required having access to if not writing malware that hijacks those internet-connected devices and having a command and control server for issuing directions to them to hurl malicious traffic at the target website, and that’s a DDoS attack in its simplest form. There are all kinds of reflection and amplification techniques used to complicate and intensify attacks. Multiple attack vectors can be used, and both the network layer and application layer can be targeted.

In short, launching a distributed denial-of-service attack used to be reserved for people who really really know what they’re doing with computers, making them potent but at least somewhat rare. That is no longer the case. DDoS for hire services, otherwise known as booters or stressors, rent out the use of a botnet, allowing anyone to essentially type in a URL and hit it with an attack. Prices start at just a few dollars for a short, low-volume burst and go into the hundreds for longer, more powerful assaults, like the kind purchased by our disgruntled ex-employee and soon-to-be current felon.

An employee scorned

In 2015, Washburn Computer Group, a computer system repair firm in Minnesota, began experiencing shutdowns of a number of their websites. Along with these shutdowns, Washburn received emails tauntingly asking if they were experiencing any ongoing IT issues. These emails were somewhat incomprehensibly accompanied by an image of a laughing mouse.

The server log files didn’t reveal much about the culprit thanks to an anonymizing service; those laughing mouse emails left a trail of IP address crumbs that led directly to former Washburn employee John K. Gammell. Gammell had worked for the firm for 17 years. Though he apparently left on good terms, a dispute over payment for training services turned ugly enough that he allegedly enlisted the services of seven booters, spending up to $200 per month on his three favorite booters for a DDoS campaign that lasted a year and four months. In addition to Washburn, Gammell allegedly targeted several banks, several employment contracting services he’d done work for, and the Minnesota Judicial Branch.

Gammell is charged with knowingly causing damage without authorization to a protected computer. He recently rejected a plea deal that would have capped his potential prison sentence at 15-17 years.

A dish best not served

The case against Gammell is the first of its kind in Minnesota. He joins the Lizard Squad ranks, a hacker group that targeted the UK’s National Crime Agency’s website with a DDoS attack in retaliation for its DDoS arrests for hire users as famous perpetrators of DDoS revenge attacks.

These instances of perpetrators actually being identified have garnered plenty of publicity, but it’s because they’re so rare. For every John K. Gammell facing prison time, there is an untold number of websites and organizations dealing with these attacks’ these attacks’ crippling effects. In Washburn’s case, Gammell’s attacks cost them approximately $15,000. That estimate probably doesn’t even account for customer loyalty’s long-term damage, especially considering Washburn specializes in computer repairs. Customer frustration and loss of loyalty often end up being the highest cost of a successful DDoS attack amongst costs that can soar to $100,000 for every minute of downtime.

With how easy it is to partake in the services of a booter, and with the ever-increasing size and might of Internet of Things botnets powering some booters, nearly every website on the internet is a potential target, as well as every business with an online presence or connectivity, whether it’s because of revenge-motivated reasons, competition, hacktivism, the draw of social media attention, or random DDoS ransom notes. Meanwhile, there’s a good possibility there will be important evidence suppressed in the case against Gammell if the charges aren’t dropped altogether because some of the evidence was obtained in a hack of one of the DDoS for hire services, making it the fruit of a poisoned tree. That is the current state of justice in this world of ever-increasing DDoS threats.

Appreciate your opinion on this topic on social media by tagging us @wittysparks
  • LinkedIn
  • Twitter
  • Like
  • Pinterest

Related Topics

  • macOS X Catalina: Common Problems and Their Solutions
  • Helping Your Mac Run Faster With These Simple Tips
  • Introduction to Performance Counters for IIS Monitoring
Launch Offer
Rocket.net - Managed WordPress hosting
Rocket.net - Managed WordPress hosting
$1 for first month, $25/month

A highly secured WordPress hosting platform powered by Cloudflare enterprises with customized services for agencies, eCommerce, and small businesses.

  • PageSpeed Guarantee
  • Ultra Secure Platform
  • FREE Migrations
  • Automatic Updates
Try for $1.00 Our Review
We earn a commission if you make a purchase, at no additional cost to you.

Our Favorite Tools

Semrush - SEO and Marketing Tools
Semrush - SEO and Marketing Tools
$119.95/mo
Try for FREE Our Review
Semrush - SEO and Marketing Tools
Lasso - All-in-one Affiliate Marketing Plugin for WordPress
$29/month
Start Free Trial Our Review
Semrush - SEO and Marketing Tools
Grammarly - AI-powered writing assistant
$12.00 / month
Try for FREE Our Review
Previous Post: « Full-Color 3D Models and 3D Printing
Next Post: Companies that Reinvented Themselves Successfully »
Profile picture for Nishitha

About Nishitha

Co-founder of WittySparks
WittySparks Staff

I am done with my Physiotherapy Graduation. And I always try to share Health and technology tips with people. Apart from Physiotherapy and being a tech savvy, I do explore more on Technology side and I keep sharing my findings with wider audience.

View all posts by Nishitha
  • LinkedIN
  • Twitter

Footer

Search

Exclusive Coupons

  • Moqups Review - Use coupon code “WITTYSPARKS" for 20% off or "PARTNERS50" for 50% discount on all plans.
  • Serpstat Review - Use coupon code "wittysparks_discount" for 30% off.
  • WPForms Review - Use coupon code "WITTYSPARKS" for 50% off.
  • WPPayForm Review - Use coupon code "wittysparks" for 10% to 40% off.

Affiliate Disclosure

If you make a purchase from WittySparks links, we will receive a small commission. See our Affiliate Disclosure.

Sponsors

Partnered with FreePik to use the licensed images.

turn to dhgate for smartphone

Follow Us

  • Facebook
  • Twitter
  • Pinterest
  • LinkedIn
  • Instagram
  • YouTube
  • RSS

Copyright © 2022 · Hosting sponsored by Rocket.net (Affiliate link)

  • About Us
  • Contact Us
  • Privacy Policy
  • Affiliate Disclosure