The administrators of the DoS web site webstresser.org were arrested in April 2018 following the ‘Power Off’ operation, a complex operation led by The Dutch Police and The UK national crime agency, with the support of Europol a dozen police agencies from around the world. The administrators lived in the UK, Croatia, Canada and Serbia. More measures were taken against the main users of this market in the Netherlands, Italy, Spain, Croatia, the UK, Australia, Canada and Hong Kong; the illegal service was closed and infrastructures were closed down in the Netherlands, the US and Germany.
Webstresser.org was considered to the biggest market in the world for the hire of denial-of-service attacks (DoS), with over 136,000 registered users and four million attacks recorded in April 2018. Orchestrated attacks were directed against critical online services offered by bank, governmental institutions and police forces, and against victims of the gambling industry.
In a DoS attack activated by this service, the attacker has remote control of the connected devices to aim a large amount of transit at a website or an online platform. Whether this transit consumes the width of the band of the website, or if it weakens the server or consumes other essential resources, the final result of an unmitigated DoS attack is the same: the victim’s website is slowed down to such an extent the it cannot be used, depriving users of essential online services.
With webstresser.org, any registered user could pay a nominal fee via online payment systems to hire the use of this platform. The fees offered were so low ¾about 15 Euros per month¾ that they allowed individuals with little or no technical knowledge to launch paralysing DoS attacks.
International Police cooperation was fundamental in the success of this investigation, launched by the Dutch National Unit for Advanced Technological Crimes and the UK National Crime Agency, as administrators, users, critical infrastructure and victims were spread out all over the world.
Europol’s European Cybercrime Centre (EC3) and the Joint Action Task Force (J-CAT) gave their support to the investigation from the start, facilitating the exchange of information between members. A centre of command and coordination were set up at the headquarters in The Hague, led by Europol.
DoS attacks are illegal. Many enthusiasts are involved in cybercriminal activities that may appear to be at a low level, without bearing in mind the consequences such crimes involve. Penalties can be severe: if you launch a DoS attack or offer, supply or obtain services to launch one, you can receive a prison sentence, a fine or both.
Individuals who exercise cybercrime often have a range of skills that can be positive skills related to codifying, gambling, computer programming, cybersecurity and other fields associated with ICT that are in great demand, and there are many careers and opportunities available to anyone interested in these areas.