Anonymous DDoS Attack against PayPal Costs Company £3.5 Million

PayPal spent millions of pounds in an attempt to strengthen its defense against distributed denial-of-service (DDoS) attacks that have targeted the company on and off for more than two years.

When it started in 2010, Anonymous` Operation Payback was codename for a series of hacktivist attacks against companies known to oppose internet piracy, but the op soon shifted focus and went against e-commerce big players, such as Mastercard, Visa or PayPal when they strongly refused to process payments to WikiLeaks.

After eBay crashed under numerous online requests in a targeted DDoS-type attack, more than 100 people from eBay, PayPal`s parent company, worked for a month to solve their issues and spent millions on hardware and software to help prevent future such attempts. Not to mention operational loss caused by down time and customer dissatisfaction as they found they could not use their accounts because of the attacking party trying to prove a point.

The prosecutor, Sandip Patel, went against Christopher Weatherhead, Ashley Rhodes and Peter Gibson in court explaining that these DDoS attacks lead by Anonymous caused PayPal “enormous economic harm” when “he and others like him, waged a sophisticated and orchestrated campaign of online attacks that paralysed a series of targeted computer systems belonging to companies to which they took issue with, for whatever reason, and those attacks caused unprecedented harm,” as stated in the BBC.

DDoS attacks have become child`s play nowadays, thanks to the multitude of open-source attack tools such as the Low Orbit Ion Canon, and to the enormous opportunities for coordinating the attack via IRC. More and more unwary users join hacktivist groups for the sense of justice, but often forget that these attacks against companies cost real money and, sooner or later, their membership to a cyber-criminal group would land them in jail.