On 5/22/14, 12:51 AM, "Beleaguered Admin" <dealing.with.ddos@gmail.com> wrote:
This has been going on for a long time -- almost every detail is exactly the same as what is described here: http://techcrunch.com/2014/03/03/meetup-suffering-significant-ddos-attack- taking-it-offline-for-days/
He is in regular communication (via whois info and other collected contact data) asking for <$1000 USD sums to stop the attacks.
That article said that the company didnĀ¹t want to negotiate with criminals. As an aside I spent some time with a retired hostage negotiator on Tuesday (which was fascinating BTW). He actually said negotiation is always useful and sometimes paying a ransom demand can serve as a method to track where the money goes, to identify all the actors involved for later action (which may apply in this case). And sometimes financial demands are dropped as a result of negotiation.
Is it worth talking to law enforcement? Some of these have been >500k costs to the customer, but we assume the person doing it isn't in any western country, so maybe it doesn't even matter?
You may find the law enforcement more interested in engaging within you than you might think. Jason