16-Year-Old Arrested for 'Biggest Cyberattack Ever'

[CommanderFrank]

The massive sustained attack last spring on Spamhaus, the Dutch anti-spam group, has netted several arrests. In reports leaked this week, one of them being a 16 year old from London who was arrested along with the main suspect back in April. The attacks actually slowed down the Internet in Europe.

The teenager, whose name is unknown at this point, was arrested by British police in April, but details of his arrest were just leaked to British press on Thursday. He was arrested at the same time as the main suspect of the attack, Sven Olaf Kamphuis.

 

[atp1916]

Behold, the pow3r of automated noob-proof kiddie-friendly DDoS scripts!

 

[CommanderFrank]

When I was 16, I had a car, a girlfriend and the worst thing I did was bust a streetlight or two. I really never gave much thought to bringing down half of Europe's Interweb.

 

[HFBallad]

So, what's the odds that this kid will be "diagnosed" by a helpful doctor with some mental disease / problem and be given a slap on the wrist (like they did with they kid that broke into Sony's PS accounts)?

 

[aShrubbery!]

So, what's the odds that this kid will be "diagnosed" by a helpful doctor with some mental disease / problem and be given a slap on the wrist (like they did with they kid that broke into Sony's PS accounts)?

Why should they send the kid to a prison to have taxpayers pay for his incarceration?
Make him serve a stiff sentence of community service. 1 year or 2 after school.
No sense of making him a convict, but that still doesn't mean he should get away easy.
Also, the Wall street hacks who were responsible of nearly bankrupting the world economy got away far easier than this kid ever will.

 

[Jack Hammer]

So, what's the odds that this kid will be "diagnosed" by a helpful doctor with some mental disease / problem and be given a slap on the wrist (like they did with they kid that broke into Sony's PS accounts)?

Well, he is a hacker after all. That means he already has Asperger's or some other politically friendly mental illness.

 

[Red Squirrel]

It's kinda sad that this kind of "crime" can get someone arrested. All damage done is virtual, especially a DDoS where it's a big inconvinience, but does not actually permanently break anything, like defacint a web page would. At most, his ISP should terminate his account.

That said I do think it does deserve a punishment, but the punishment should be "virtual" such as no internet. Not being thrown in a jail cell for life, which is probably what is going to happen.

Around that age I was a lot into hacking, I was just curious and stuff, did not actually want to damage anything. Back then not as many people had routers but their PCs were directly connected. It's incredible the stuff people would share via netbios and not even password protect. The most I really did back then was port scanning random IP ranges to see what I can find. To think that this could have landed me in jail is kind of scary.

 

[atp1916]

It's kinda sad that this kind of "crime" can get someone arrested. All damage done is virtual, especially a DDoS where it's a big inconvinience, but does not actually permanently break anything, like defacint a web page would. At most, his ISP should terminate his account.
[...]

DDoS attacks cost businesses, directly and indirectly.

Company websites going offline can mean loss of revenue, disruption of basic services, etc.

Companies have to spend big cash each year to harden their networks, or rent out hardware protection.

 

[caddys83]

Soo.... Is that why DeathPrincess been missing on [H]ardfourms? And to think I thought he was a she.

 

[bastage]

Can we call him Dade Murphy?

 

[Spazturtle]

DDoS attacks cost businesses, directly and indirectly.

Company websites going offline can mean loss of revenue, disruption of basic services, etc.

Companies have to spend big cash each year to harden their networks, or rent out hardware protection.

And yet they can very easily be prevented.

 

[XenIneX]

And yet they can very easily be prevented.

There's only so much you can do to mitigate a 300 gbit/sec DDoS.

 

[Skripka]

There's only so much you can do to mitigate a 300 gbit/sec DDoS.

Especially when it is using DNS servers and not groups of IPs to generate the DDoS.

 

[cyclone3d]

This is a direct quote from the second reply to that article:

"Bogus! This attack was so SMALL, that the only people who even noticed, was spamhaus themself (their ISP put out a press release saying that their systems did not detect any unusual traffic).

The *real* problem was spamhaus having underpowered servers, and an over-excited press-release team on the anti-DDOS company they called in to help them out.

Never let the truth stand in the way of a good story though. Bad luck if you're the 16yo kid - but hey - ddos companies need sales more than 16yo kids need liberty...
"

In any case, if you can take of DNS servers to do a DDOS, then the people who handle the DNS servers are totally incompitent.