Canadian ‘Mafiaboy’ Charged in DoS Attacks

The Royal Canadian Mounted Police (RCMP) have arrested a 15 year-old known as “Mafiaboy” in connection with February’s spew of denial-of-service (DoS) attacks on prominent Web sites. The youth’s name cannot be released due to his age.

The arrest was the result of a joint investigation with the Federal Bureau of Investigation (FBI), National Infrastructure Protection Center and the U.S. Department of Justice (DOJ).

Mafiaboy Grounded

At a press conference this morning, Yves Roussel, of the RCMP’s Commercial Crimes Division, said that the Canadian teen was arrested on Saturday and charged in Children’s Court on Monday with a misdemeanor.

The judge released the boy pending a trial, and placed severe restrictions on his computer access. According to Roussel, the suspect is forbidden from using a computer, except at school under the supervision of a teacher. He is also not allowed to connect to the Web, and cannot go into stores that lease or sell computers.

Roussel also said that police seized computer equipment from Mafiaboy’s residence and are currently analyzing it.

Computers Taken Over

February’s attacks were reportedly carried out by downloading software onto computers around the world and programming them to bombard the victim’s servers with requests for data. The requests for data were camouflaged so that the receiving Web servers would receive them as normal data requests from legitimate visitors. The sheer volume of data overwhelmed the servers, resulting in delays and site crashes.

One of the computers allegedly used by Mafiaboy was in a research lab located at the University of California at Santa Barbara. Investigators reportedly examined the log files of the computer and determined that Mafiaboy had electronically broken in and used the computer to send large amounts of data to CNN.com.

Digital Droppings

The teen hacker apparently made himself easy to find. He reportedly used an ISP that tracked his activities and made boastful claims — including information only the hacker would know — in Internet chat rooms.

Internet security expert Michael Lyle told ABC that he had communicated with Mafiaboy, who claimed to have attacked E*Trade and a number of smaller Web sites.

Attacks Exposed Vulnerability

After February’s attacks shook the e-commerce community, industry leaders met with President Clinton and law enforcement authorities to discuss the situation and the potential for more problems. In turn, the FBI and Department of Justice beefed up their cybercrime units, which worked with the RCMP on the case.

U.S. Attorney General Janet Reno issued a report last month about the increase of cybercrime — just three weeks before authorities in Wales arrested two teens for stealing 26,000 credit card accounts from nine e-commerce Web sites. Police say the value of those thefts could top $3 million (US$).

New Hampshire teenager Dennis Moran, Jr., also known as “Coolio,” was charged last month with vandalizing three Web sites. Moran has consistently denied any involvement in the attacks on the Web sites cited in the arrest of Mafiaboy.

Lost Confidence

Results of a poll by @plan, released one month after the attacks, indicated that the recent hacker attacks “severely damaged consumer confidence in the Internet.” The data shows that almost 40 percent of Internet shoppers 18 and over were less likely to make an online purchase in the future and that nearly 47 percent of those who had not shopped online in the previous three months would not be likely to start.

The RCMP said in a statement, “The investigation has given authorities the opportunity to bring light on Internet attacks that have strongly shaken the heart of electronic commerce worldwide, causing losses that were evaluated at many hundred millions of U.S. dollars.”