Two Polish computer programmers who attempted to blackmail two major unnamed online casino sites – one in the UK and one in the United States – have now been sentenced to prison, after a police sting nabbed the pair earlier this year.
Piotr Smirnow, 31, and Patryk Surmacki, 35, approached the owner of the UK site and requested a meeting. The victim – who owns a Manchester-based Internet casino – later met the pair under the understanding that Smirnow had a business proposition for him. He had known the pair for four years prior to the proposed business meeting, according to police reports.
But things took an ugly turn when, during the meeting – which took place at Heathrow Airport’s Terminal 5 – the computer programmers demanded a 50 percent share of the man’s company and threatened to take down the casino site’s servers if he declined.
The pair told the owner that they knew a notorious computer hacker by the name of “Wapo” in the U.S., who they claimed would carry out the cyber-attack on the company’s servers if the pair paid him to do so, thereby stopping the operations of the company.
Known as a “distributed denial of service” (DDoS), the court was told that the attack is capable of bringing down even the most sophisticated of websites by overwhelming them through a mass attack of the company’s computer servers.
As the business owner refused to hand over 50 percent of his company, Smirnow and Surmacki carried out their threat on August 2nd and paid the cloaked American hacker £12,000 ($19,700) to do their dirty work. The Manchester-based site went down for five hours, costing the business £15,000 ($24,558) when no customers could access the site during that time.
The victim had already alerted Manchester police to the duo’s threat, however, and another meeting was set up in a bugged hotel room next to Heathrow Airport on August 7th.
When the owner of the business told the pair that he would not cooperate with them, they told him that they were “going to war” and were then arrested by police who were on standby.
Smirnow also admitted that he had carried out a similar attack on an American victim through a Skype call, during which he stated that they had “enough power so people can’t try to push us around anymore,” leading Detective Inspector Mossop to the understanding that the investigation had taken down an “emerging global cyber threat.” This time the victim was a U.S.-based gaming platform that enables 100 casino sites worldwide.
As for the U.S. site owners, they obviously dodged a bullet.
“This case made me fear for my personal safety, as well as for the future of my business. Which is why I felt compelled to take action against the perpetrators,” said the owner of the Manchester-based casino site, which is estimated to be worth £30 million ($49,143,000). It’s estimated that a week-long attack on this business would have cost the site owner a $600,000 loss, according to court reports.
“No one should have to succumb to blackmail and this sentence should act as a warning to those involved in cyber extortion that the police and the courts will view this type of conduct very seriously,” the site owner added.
Smirnow and Surmacki later pleaded guilty to two charges of blackmail and unauthorized acts on computers, and were sentenced to five years and four months each by Judge Michael Henshaw at the Manchester court. Their own defense team described their attempted blackmail as “bizarre, misconceived, naïve and brazen.”
“They used their intimate, expert knowledge of online business to attempt to bully the victims into submission,” revealed Detective Inspector Chris Mossop of the Serious Organised Crime Division. “But make no mistake, they may have been using the latest technology, but this was simply good old-fashioned blackmail.”