A source from the National Ukrainian Police for the Cherkasy region, reports that investigators from the Head Department of the National Police for the Cherkasy region are investigating a criminal case based on article 361, part 2 (Unauthorized intervention in the functionality of electronical-computing machines (computers), automatized systems, computer networks or telecommunication networks) of Ukraine’s Criminal Code.
This investigation is being conducted after perpetrators blocked the functionality of hundreds of servers located in the US by a DDOS attack.
The aim of the attack was to extort money from international online businesses.
The attackers exploited hundreds of thousands of devices to generate 50 Mbit/sec traffic from unsuspecting users to victims` servers.
The alleged criminals were well organized, operating in specialized groups. These groups consisted of a first team that infects the computers. A second group that hunts for potential targets, and a third coordinating the actual attack. The third group would also negotiate with the potential victims.
The extortion amounts varied from 1,000 to 10,000 US Dollars, while the cost of an attack was approximately 800 US Dollars a day.
An appeal was received from the US Company Stafford Associates.
Stafford Associates are a US corporation specializing in providing DATA centers and hosting services.
The victims of the attacks included online stores, payment system providers, online dating service sites, and currency exchange platforms.
Steven Wang, an expert from the agency of investigation of cybercrime from a US-based firm, characterized the situation as follows:
“At the time being, this kind of crime is widespread in the world. One of the areas where cybercrime is significantly growing is the territory of Ukraine. To some culprits who extort money from businesses using threats of hacking and attacks, it seems as though they are acting with impunity. In practice, the investigations of such criminal activities worldwide do portray that such culprits are indeed held responsible in the end. These criminals are sentenced accordingly for this type of criminal activities and are locked in prison. The Ukrainian authorities are taking active measures in order to prevent any frailty in the legislation and to hold the culprits accountable for their actions. This will happen very soon.”
Vadim Ovcharenko, a Ukrainian lawyer who frequently handles such cases, gave us his own comments.
“Yes, such activities are more common nowadays. The victims of these criminal actions happen to be both small online businesses as well as large corporations. Apparently, clients do not intend to leave such cases not dealt with. More frequently, we meet clients who state: we will defend our interests in any case, and we will not allow the perpetrators to escape with impunity, having caused damages to our business.”
As a result, perpetrators may begin to realize they could be caught and held accountable for their actions.
PayOnline, a payment system provider, was one of the companies affected by the criminal activities in the Cherkasy case. Its lawyers are committed to see the case through to its very end.
Another victim was the AnastasiaDate network of online dating sites. Its Director, US citizen Lewis Ferro, stated that he is personally following the investigation of this case.
“The thing is, due to such criminal actions, many of our partners get affected along with us. We have over 500 partners on the territory of Ukraine, from small businesses to individual entrepreneurs, whose work has ceased due to the criminal actions in question. They have suffered financially, and so, each of them demands the resolution to this issue.”
Investigative actions about this case are well underway and a possible group of suspects have been identified.
All their electronic devices have been confiscated and an examination of this equipment is likely already under way.
It is expected that the examination conclusion will confirm the involvement of the suspects in committing the DDOS attack and extortion.
Other investigative actions continue to determine the level of involvement of the alleged criminals.
The affected parties are currently preparing materials for submission to the court.
Journalists have since discovered that the suspects are Ukrainian citizens Iatsenyuk Inna and Guy Grishnyak, living in Cherkasy and Lvov respectively.
It is possible that they were involved in the organization of a series of attacks on tens, or even hundreds, of online businesses.
The sanctions for such criminal violations include a fine from 600 to 1,000 non-taxable minimum incomes of the citizens, limitations in freedom for a period from 2 to 5 years, or full imprisonment for up to 3 years.
In today’s reality, cyber-attacks are becoming more frequent. It is then, reassuring to know that the culprits are no longer left untraced or unpunished.