Driebergen-Rijsenburg - Operation Power Off – Police close down largest DDoS website
On Tuesday 24 April the Dutch police closed down Webstresser.org, the biggest cybercriminal website. Webstresser.org was a so-called ‘booter’ or ‘stresser’ service: a website where people could purchase a powerful DDoS attacks simply and at a low price. A DDoS (Denial of Service) attack is an attempt to block legitimate clients’ or visitors’ access to a service.
On 24 and 25 April, four suspected administrators of the website were arrested, including arrests in Serbia and Croatia; in Canada and the UK, too, action was undertaken with regard to suspected administrators. In the Netherlands, several users of Webstresser.org have been arrested, and the police searched residential premises in Hilversum, where one of the residents was suspected of having been an administrator of Webstresser.org.
All of these operations are taking place as part of ‘Operation Power Off’, in which the Dutch police, under the authority of the Dutch Public Prosecution Service, worked together with the authorities in England, Germany, Scotland, Australia, Canada, Italy, Spain, Serbia, the U.S., Croatia, and Hong Kong – as well as Europol and the Joint Cyber Action Taskforce – in the international fight against DDoS attacks. The taking down of Webstresser.org puts the biggest and best-known stresser in the world out of action.
The Dutch criminal investigation was launched in response to information received from the UK’s National Crime Agency (NCA). The infrastructure of Webstresser.org was situated in the Netherlands for a certain period, which allowed the police to track down a great deal of information about the website. The police also managed to gather information about users of the website in the Netherlands and internationally, as well as targets of attacks.
The targets of DDoS attacks are diverse, and have included websites that can be described as part of the vital infrastructure. Several criminal investigations are still in progress into these individual attacks.
These sorts of operations are in line with the four-track policy of the integral approach announced last week by the Dutch Minister of Justice and Security. One aspect of this policy is that the authorities plan to invest in criminal investigation and related research. In addition to carrying out investigations into crimes that have been committed, the police and judicial authorities are increasingly focusing on disrupting cybercrime or preventing it altogether. This occurs in cooperation with various partners, both at the national and international level, and goes hand in hand with scientific research. Another aspect is that the government is committed to strengthening the investigative authorities and providing support to victims of cybercrime to prevent them from being targeted repeatedly.
No such thing as anonymity
”Our international police operation has eliminated the largest illegal DDoS provider and struck a heavy blow to DDoS crime. Not only have we arrested the administrators, but we will also prosecute users and make them liable for damage. Let this be a warning to anyone considering to DDoS: don’t do it, because by tracking down the DDoS service you use we will break your anonymity, give you a criminal record, and enable your victims to claim compensation from you”, commented Gert Ras, head of the Netherlands Police’s High Tech Crime Team.
Piet Mallekoote, Director of the Dutch Payments Association, added: “To tackle this form of crime effectively, we need a joint effort on the part of the banks and the police services. Where cybersecurity is concerned, for some time now the payment sector has been successfully promoting not only close cooperation within the sector itself, but also public-private partnerships. In combating DDoS attacks, the banks work closely with the police, including the Electronic Crimes Task Force.”