The Dutch police arrested a COVID-19 DDoS attacker who put down two government’s websites. The 19 year old man was caught on April 10th on suspicion of Distributed Denial of Service (DDoS) attacks against MijnOverheid.nl. This website provides a personalized portal that the government uses to send and receive documents. In fact, it is a digital letterbox where citizens receive information from the government about their tax returns or child benefits. The attack also targetted Oveheid.nl, which publishes the updates from the authorities regarding COVID-19. After the attack, both websites became unavailable for a few hours, on March 19.
In such attacks, the attackers overload servers or network resources with huge amounts of traffic. Thus, they compromise the systems, which become unavailable to legitimate users.
So, Jeroen Niessen, head of the cybercrime team of the central Netherlands police, said that they take such actions very seriously. “By flattening a website like this, you are denying citizens access to their personal data and important government information. We want to protect people and companies and make it increasingly difficult for cyber criminals to carry out a DDoS attack”, he mentioned.
The authorities blocked 15 boosters
Also, the same team blocked 15 boosters at the request of the police. Boosters are services that deliver distributed denial of service attacks for customers, in exchange for money. It seems that this was the case with the attacks against the two websites, too. Thus, the authorities warn that such web-based services are very hard to take down.
The Dutch Police also provided tips and tricks for businesses and individuals to protect their data. So did Federal Bureau of Investigation in the USA, and The National Cyber Security Center in the United Kingdom, before.
“Many users don’t realize this. Many DDoS attacks are committed by young people. For the kick, out of boredom or as a challenge; to see if it succeeds in taking down a target. But perpetrators underestimate the consequences of these attacks for victims. Moreover, they do not realize that the police are able to find them and that they are facing a penalty and a substantial claim for damages,” Niessen added.
The 19 year old COVID-19 DDoS attacker should face the charges in court.