By Roger A. Grimes
June 7, 2017
The long, awkward silence is always the first sign that a previously over-confident hacker realizes he's suddenly become the victim. It happens every time.
The malicious hacker had been firing his “ion cannon” at my network address trying to overwhelm my home computer and internet connection. I had sent him an email the day before letting him know that I knew who he was, what he did for a living (he was a budding wedding photographer), his name (Rick), and that he was newly married to a beautiful girl. That’s enough to frighten off most hackers, but sometimes, like Rick, they persist.
On his private, Tor-protected instant messaging channel, Rick was telling his buddies that he was getting ready to launch an even bigger distributed denial-of-service (DDoS) attack against me. He had been using a child-like hacker tool, but now he was thinking of paying a professional hacking service to attack me.
DDoS attacks, where hundreds to hundreds of thousands of otherwise innocent computers and devices can be directed to attack one targeted victim, can be devastatingly hard to stop — not just for me, but for anyone, nearly any company. The sustained flood of malicious network traffic consisting of billions of unwanted digital bits can knock all but the biggest and richest companies (think Google) off the internet. Once they start, the victim (in this case, me) can be kicked off the internet for several days.
I broke into his messaging channel and told him to knock it off. The hesitancy in his reply let me know that I had caught him off guard. He responded by calling me several unprintable names and accused me of being someone already a member of his hacker forum. When I replied that I wasn't, he renewed his taunting and said I would regret breaking into his private forum. I politely asked him to quit trying to attack me because I had to real work to get done.
The next night around the same time, I could tell by the sluggishness of my internet connectivity that the threatened DDoS attack was starting to happen. If I didn’t do something soon I was going to be out of commission for days. So, out of pure frustration of having to meet a work deadline, I hacked into his computer.
I had identified the computer and software he was using (this is known as “fingerprinting” in the hacker world), and I knew he was using an outdated firewall to protect it. One of my favorite hacker techniques is to break into computers and companies using the very software and devices they think will protect them. So, using a known vulnerability in that firewall, I broke into his computer, modified a file, and left a new script behind. I then connected to him on his messaging channel and told him to check out my work.