Skip to main content

Was 'World's Biggest Cyberattack' Caused by a Schoolboy?

It sounds like the premise of a movie: a 16-year-old London schoolboy arrested for alleged involvement in what was called the "world's biggest cyberattack."

The London Evening Standard reported that detectives from Britain's National Cyber Crime Unit noticed "significant sums of money…flowing through [the boy's] bank account."

When the officials arrived at the boy's house this past April, he was logged in to "various virtual systems and forums," according to an internal police briefing document seen by the Evening Standard. The officials worked through the night to secure the information on his systems, according to the official document.

MORE: 13 Security and Privacy Tips for the Truly Paranoid

The boy's arrest may have been part of an international investigation, dubbed "Operation Rashlike," into an organized cybercrime gang.

The investigation is also linked to a March 2013 incident briefly known in the media as the "world's biggest cyberattack."

It began when a squabble between two European-based Internet entities escalated to such a massive scale that the Internet temporarily slowed down in parts of Europe.

The involved parties were Spamhaus, a Swiss anti-spam organization, and CyberBunker, a Dutch Web-hosting service.

CyberBunker's open-door policies attract unsavory clients, such as spammers and other shady marketers, so Spamhaus blacklisted it. CyberBunker wasn't happy about that.

In March, Spamhaus became the target of ever-increasing distributed denial of service (DDoS) attacks, which flooded its website with so much random information that its servers were slowed and its website was eventually knocked offline.

The alleged culprit behind the DDoS attacks was an anti-Spamhaus group called Stophaus. Stophaus's spokesman, a Dutchman named Sven Olaf Kamphuis, was one of the founders of CyberBunker.

Over a single week, Stophaus carried out a series of attacks: first, against Spamhaus itself; then Spamhaus' network-reliability provider, CloudFlare; and on March 23, several of CloudFlare's regional bandwidth providers, causing the Internet to slow down in England, the Netherlands and northern Germany.

At one point, the attacks amounted to 300 gigabits of data per second — a new DDoS record.

In April, the Dutch Ministry of Security and Justice announced that it had arrested a man in Spain, identified only by the initials SK, for alleged involvement in these attacks.

It has not yet been confirmed whether SK and Kamphuis are the same person, but the 16-year-old London schoolboy also might have been involved in the cyberattacks against Stophaus.

At the Black Hat security conference in July, CloudFlare CEO Matthew Prince said the mastermind behind the Spamhaus attack was not Kamphuis, but a teenager in Britain.

Prince said he could not disclose more at the time.

Email jscharr@techmedianetwork.com or follow her @JillScharr. Follow us @TomsGuide, on Facebook and on Google+.

  • slomo4sho
    And he will end up with a corporate or government job for his accomplishments... and people wonder why hackers continue to flourish.
    Reply
  • joe nate
    Am I the only one who thought "Hack the planet!" when I read this?
    Reply
  • memadmax
    *Yawn*
    Reply
  • MANOFKRYPTONAK
    That is hilarious!
    Reply
  • randomizer
    An article with a question as the title? Time to find the tiny piece of vague, unsubstantiated speculation that prompted it.

    *Scans wall of text*

    Aha!

    ...but the 16-year-old London schoolboy also might have been involved in the cyberattacks against Stophaus.
    Reply
  • lpedraja2002
    @ slomo4sho

    You watch too much movies. DDoS is not a special skill that lands you a job, anyone with bad intentions can learn how to do it by reading, its not a difficult thing to do. What lands you a job in Information Security is knowing how to counteract these kinds of attacks. Hackers go to jail aand get fined like any prisoners, we just don't hear about the aftermath because their real names are barely know if ever.
    Reply
  • derekullo
    At least he has lunch money now
    Reply
  • Andrew Stephens
    You are still listening to Mathew Prince. He's the guy that said it was "crippling the interwebz" and the one that shoved the impulsive promo media down NYT's throat. Ask Nicole Perlroth...she'll tell you. Was it Sven, Andrew, STOPhaus, a London teen, Eastern European Cyber Criminals, the Russian Mob, or a collection of ISPs? Pick a paper and you'll get a different story.
    Reply
  • KelvinTy
    Another teenager's life ruined. I wish there are better teachers to put kids in the right path, instead of doing something they will regret in their 20s.
    It's just sad that 99.99% of the school's IT department sits around and does nothing but BT, amazon and ebay. If they would spend sometime preparing better IT teaching materials and giving ideas of moral responsibility, Britain would definitely be a lot better off.
    Reply
  • Someone Somewhere
    he was logged in to "various virtual systems and forums,"

    Real dangerous; got to be guilty. How dare he use GMail and forums.

    The officials worked through the night to secure the information on his systems,
    If he knew what he was doing, they would have found nothing. Because anything incriminating would be on an encrypted OS on a flash drive, and he'd have rebooted to a 'nothing here' OS on his normal HDD.

    I'm guessing it's a pile of rubbish or he's just a middleman who moves the money - a reseller.
    Reply