Meetup.com Deals with First Extortion Attempt Ever
- By Ginger Hill
- Mar 04, 2014
Have you heard about the strange email that the CEO of Meetup.com received on Thursday, February 27, 2014 at 10:26am? Apparently when Scott Heiferman opened his inbox he received the following message: “A competitor asked me to perform a DDoS attack on your website. I can stop the attack for $300 USD. Let me know if you are interested in my offer.” But, before reading the last word, meetup.com was swarmed with an 8.2 gigabit attack that almost sent the site to its demise, the company’s first attack in their 12-year history.
After taking approximately 24 hours to bring meetup.com back online on Friday, February 28, 2014, it went down again the next day, back up that night and down on again the following night. This up and down, roller coaster effect, is all the reason why companies should have an emergency response plan specifically for cyber-related events.
Experts are calling this attack a textbook example of a DDoS extortion attempt due to the ridiculously low amount of money demanded and the half-hearted reference to third-party attackers.
Left with this strange request for $300 bucks, meetup.com didn’t pay because they refuse to negotiate with criminals.
“You can’t negotiate with terrorists,” said Meetup.com CTO Gary Burns.
Besides, with extortion and such a low price, the $300 might just be a down payment, so meetup.com decided that a little down time was the way to go in this situation.
Ginger Hill is Group Social Media Manager.