A few days before Christmas, the internet fulfillment company Cafepress.com announced they had experienced some problems for a few hours but were back online. The next morning a new announcement confirmed the problem had been caused by a DDoS, a distributed denial of service.
This kind of attack is mounted by several people, often from multiple “zombie” computers, whose owners do not know they have been compromised. The purpose of the attack is to keep others from using the site. In the past, DDoS attacks have been used by gangsters to extort money from online gambling enterprises. Last October, one such Russian gang was arrested and sentenced to 8 years in jail for such an attack. There have also been a few instances of teenagers arrested for attacking websites as a prank.
Some $4 million has been extorted from online gambling interests, so it’s easy to see why someone would risk a jail term to rake in that kind of money, and why the gaming interests will spend a lot of money to stop it. But a little company like CafePress?
CafePress is a company that provides order fulfillment for online “shopkeepers” who design T-shirts, buttons, coffee mugs, and other gear. This type of online business requires very little startup cost and can be done by someone who is chronically ill or disabled. You might say a lot of the people who engage in this sort of business are on the tail end of the supply/demand curve. Many of Cafepress’s customers do fit this description. One, in fact, is a breast cancer survivor who designs shirts around that theme. Why attack a company like this?
Christmas is a very busy season for online companies. An online book company like Amazon is said to do a third of its yearly business in the few weeks preceding Christmas. Christmas is also a primarily Christian holiday. Who would attack an online company in the week prior to Christmas? Was it done by members of Al Firdaws, the Islamic website “Paradise” with its ties to Osama bin Laden? They were caught planning a DDoS attack on financial institutions “before the infidel new year”? Maybe once they were outed, they just diverted the attack elsewhere.
If this is the work of Islamist terrorists, it’s about the dumbest thing they have done since the Achille Laurel incident where they pushed the guy in the wheelchair off the end of a ship.
Whoever is responsible for the attack, you can say one thing. They are definitely in need of some serious adult supervision.