Hackers who DDoSed African telecom and US hospital get long prison sentences

Two men who launched DDoS attacks against a variety of targets have received substantial prison sentences on Friday.

Attacks against Liberian telecom

30-year-old Daniel Kaye (aka “BestBuy”), from Egham, Surrey (UK) has been sentenced to spend 2 years and 8 months in prison for DDoS attacks targeting the Liberian telecommunications provider Lonestar MTN in 2015.

According to the UK National Crime Agency (NCA), Kaye first used rented botnets and stressor services to attack Lonestar. He was paid for the service by a senior official at Cellcom, a rival Liberian network provider.

Almost a year later, in late 2016, he took advantage of the fact that the source code for the Mirai IoT DDoS botnet was leaked online to create his own Mirai botnet consisting of infected Dahua security cameras.

Apparently, in November 2016, the traffic from Kaye’s botnet was so high in volume that it disabled internet access across Liberia.

Lonestar alleges to have lost tens of millions in US dollars in revenues due to the constant attacks, and to have spent approximately $600,000 on fighting them.

Kaye was also behind the November 2016 attack that affected one million Deutsche Telekom customers – an attempt to rope routers into a Mirai botnet.

He was arrested in February 2017, extradited to Germany, has faced a German court, admitted his guilt, and received a suspended sentence.

Kaye wasn’t so lucky in the UK. He pleaded guilty to creating and using a botnet and possessing criminal property, and received the 2 years, 8 months prison sentence.

“Kaye was a talented and sophisticated cyber criminal who created one of the world’s largest networks of compromised computers which he then made available to other cyber criminals with no consideration as to the damage it would cause,” noted Russell Tyner, from the Crown Prosecution Service.

“The CPS and the NCA together with the authorities in Germany and Cyprus worked closely together in order to bring him to justice.”

Attacks agains a children’s hospital

34-year-old Martin Gottesfeld, from Somerville, Massachusetts (US), has been sentenced to more than 10 years in prison for carrying out a DDoS attack against the the Boston Children’s Hospital and the Wayside Youth and Family Support Network in 2014.

“Gottesfeld identified himself as a member of the hacking group Anonymous, and launched the attacks on behalf of Anonymous, demanding change in the way the Boston Children’s Hospital was handling a teenage patient (discharged months earlier), who was the subject of a custody battle between her parents and the Commonwealth of Massachusetts,” the US Department of Justice explained.

“The attack flooded 65,000 IP addresses used by Boston Children’s Hospital and several other area hospitals with junk data intended to make those computers unavailable for legitimate communications. The attack disrupted the Children’s Hospital network for at least two weeks, interrupting access to internet services used by Boston Children’s Hospital staff to treat patients. The attack disrupted the hospital’s day-to-day operations, as well as its research capabilities. The attack cost the hospital more than $300,000 and caused an additional estimated $300,000 loss in donations, as the attack disabled the hospital’s fundraising portal.”

The attack against the nonprofit Wayside Youth and Family Support Network crippled the institution’s network for more than a week and caused the facility to spend $18,000 on response and mitigation efforts.

Gottesfeld was convicted of one count of conspiracy to damage protected computers and one count of damaging protected computers, will have to spend 121 months in prison and pay nearly US$443,000 in restitution.

The sentencing judge noted his crime was “contemptible, invidious and loathsome” and the long sentence is surely in part due to the fact that the attacks put children’s lives at risk.