- Jan 8, 2011
- 22,361
Source: MeetUpBlog.com
Here’s what happened. On Thursday morning, I received this email:
Date: Thu, Feb 27, 2014 at 10:26 AMSimultaneously, the attack began, our servers were overwhelmed with traffic, and our services went down.
Subject: DDoS attack, warning
A competitor asked me to perform a DDoS attack on your website. I can stop the attack for $300 USD. Let me know if you are interested in my offer.
The natural question I know many of you will ask is why didn't we pay, especially since the amount of money demanded was ridiculously small ($300 USD).
We chose not to pay because:
- We made a decision not to negotiate with criminals.
- The extortion dollar amount suggests this to be the work of amateurs, but the attack is sophisticated. We believe this lowball amount is a trick to see if we are the kind of target who would pay. We believe if we pay, the criminals would simply demand much more.
- Payment could make us (and all well-meaning organizations like us) a target for further extortion demands as word spreads in the criminal world.
- We are confident we can protect Meetup from this aggressive attack, even if it will take time.