British police arrest five young men for taking part in ‘Anonymous’ web attacks
LONDON (BNO NEWS) — Five young men were arrested in Britain on Thursday morning for allegedly participating in web attacks carried out by an online group calling themselves ‘Anonymous’, police said.
The five males aged 15, 16, 19, 20 and 26 are being held after a series of coordinated arrests at residential addresses in the West Midlands, Northants, Herts, Surre, and London at around 7 a.m. local time. “The arrests are in relation to recent and ongoing ‘distributed denial of service’ attacks (DDoS) by an online group calling themselves ‘Anonymous’,” Scotland Yard said in a statement.
British police and police in other nations have been investigating the ‘Anonymous’ DDoS attacks since they began last year in support of whistle-blowing organization WikiLeaks. Companies such as MasterCard and Visa were among the victims, but ‘Anonymous’ has recently also launched DDoS attacks for other causes.
Scotland Yard said the investigation into the five young men is being carried out in conjunction with international law enforcement agencies in Europe and the United States but did not specify which company or companies were their target.
A DDoS attack is a low level attack that uses readily accessible malware and requires minimal knowledge. In essence, it consists of exhausting the resources of a computer (e.g. Server) such that it becomes unavailable to legitimate users.
For example, if a web server is designed to service 100 simultaneous users and an attacker can get 200 computers to simultaneously and constantly request pages from the server, then the server becomes overloaded and legitimate users are locked out through overloading the server and/or congesting the connection to the server.
The attack is distributed in nature meaning it originates from many computers, often under remote malware control, each making a small number of requests. As a result it is difficult to distinguish the attack from legitimate internet traffic.
Under UK law it is a criminal offence to carry out “any unauthorized act in relation to a computer” where the person “has the requisite intent and the requisite knowledge” to carry out the act. The maximum penalty for such an offence is ten years imprisonment and a fine of 5,000 pounds (7,950 USD).