Russian Mafia targets online businesses

Organised crime rings in Russia are targeting online gambling sites in denial of service (DoS) extortion rackets and there is little companies can do to prevent it, according to a leading security expert.

The warning follows a spate of similar blackmail scams seen by security consultants in recent months, according to Neil Barrett, technical director at security firm Information Risk Management.

A target site is initially brought down with a short DoS attack lasting up to 15 minutes. Contact is then made with the company followed by another DoS attack and then demands for money.

Ultimately the scam is just a hi-tech version of the tried and tested protection rackets used by Mafia gangs and organised criminals for years, he said.

"It is the online equivalent of muscle men coming into your shop and saying: 'This looks like it will burn easily'. I would be very surprised if at least some companies didn't pay up," said Barrett.

The gangs work out the revenue loss per minute of downtime for the site during the DoS attack and then ask for some of that to be paid monthly under the guise of 'security consultancy services'.

"The thing that points to organised crime is the realism of the demands. The demand is based on a fraction of the amount actually lost during that period. A small number of tens of thousands of pounds to be paid monthly for security consulting services - now that's a business plan," he said.

Attacks have mostly been limited to gambling sites but any online company could be susceptible, warned Barrett.

"Stopping it is only really possible by ensuring protection against a DoS attack but that is difficult because it can be coming from squillions of different places. It is not impossible but it is implausible," he explained.

Companies should involve the police as early as possible in an attempt to identify the criminals by following the money once it has been paid.

Leads have indicated that the Russian Mafia is behind the scam, said Barrett. "The money and communications are often routed through St Petersburg but whether that is the start point or mid-point I don't know. But evidence points to it being run by Russian organised crime," he said.