14 DAY TRIAL // The owners of overclockers.co.uk (OcUK) have announced on their forum that £10,000 (around $13,800) can be cashed in by anyone who provides a tip that leads to the arrest and prosecution of the cyber-criminals who disrupted the normal activity of the website for over a week.
OcUK is an on-line computer hardware reselling business founded ten years ago by Mark Proudfoot and Peter Radford. The website also provides popular community forums for enthusiasts, where hardware reviews, mods and overclocking tips are common discussion topics.
According to the site's administration, unknown cyber-crooks have been instrumenting a sustained DDoS (Distributed Denial of Service) attack for the past ten days against the servers hosting its on-line shop and forums. “I'd like to apologise to all our customers and forum members for any inconvenience caused,” the forum administrator writes. In the announcement, OcUK also makes it clear that the security of the website has not been affected, but only its performance and stability. “[...] If you have difficulty placing your order on-line, please call us,” the message advises.
The reward is tied to some conditions, the administration making it very clear that submitted tips must be usable by the Serious Organised Crime Agency (SOCA). Therefore, simple speculation and claims that cannot be backed up by proof do not qualify, even if they eventually prove to be accurate. The information can be provided anonymously via e-mail at [email protected]. “If you do reveal your identity, we will only disclose it to the Police with your permission,” the announcement specifies.
For the company to be willing to part with £10,000, it could mean that its business losses are significant. “I just can't begin to imagine what kind of financial disruption this must be having, if £10k can be awarded to someone who can identify the cause,” a forum member emphasizes. In addition, the company is taking unspecified measures to combat this attack, or at least lower its impact. “I cannot discuss what action is being taken to protect OcUK from these attacks, but I assure you wheels are in motion,” the forum administrator continues.
Such bounties are rare occurrences in the cyber-space, but they are not unheard of. A few months ago, Express Scripts, a leading North-American pharmacy benefit management company, offered a $1 million reward to anyone disclosing the identity of the cyber-criminals who obtained unauthorized access to its database, and compromised the personal information of millions of patients. This represented the company's response to extortion attempts instrumented by the attackers.
A similar reward program launched by Microsoft back in 2003 led to the arrest of the creator of the Blaster worm. The college friends of the virus writer were then enticed by the $250,000 put forth by the software giant.