Content, Breach

DDoS Conviction: IT Consultant Receives 15-Year Prison Sentence


John Kelsey Gammell, a former employee at Minnesota-based point-of-sale (POS) services provider Washburn Computer Group, has been sentenced to serve 15 years in prison for engaging in and directing distributed denial of service (DDoS) attacks against U.S. websites.

Gammell directed DDoS attacks against websites operated by his past employers, companies that declined to hire him, competitors of his business and law enforcement agencies and courts, according to the U.S. Department of Justice (DOJ). He launched DDoS attacks against these websites from at least July 2015 until about March 2017.

Several Minnesota organizations were affected by Gammell's DDoS attacks, including:

  • Washburn Computer Group.
  • Dakota County Technical College.
  • Minneapolis Community and Technical College.
  • Hennepin County Sheriff's Office.

In addition, Gammell purchased subscriptions from multiple "DDoS-for-hire" companies, including:

  • VDoS.
  • CStress.
  • Inboot.
  • IPStresser.

Gammell used various techniques to avoid detection and circumvent DDoS attack victims' mitigation efforts, and these techniques included:

  • Deploying IP address anonymization services to hide his identity and location.
  • Using multiple DDoS-for-hire services at the same time to amplify his attacks.
  • Utilizing spoofed emails to disguise his conduct.
  • Submitting cryptocurrency payments for DDoS-for-hire services.
  • Leveraging encryption and drive-cleaning tools to conceal digital evidence of his conduct on his computers.

Gammell in January pleaded guilty to one count of conspiracy to commit intentional damage to a protected computer and two counts of being a felon-in-possession, according to DOJ. He also admitted to directing DDoS-for-hire companies to launch cyberattacks.

How Can MSSPs Help Customers Address DDoS Attacks?

Organizations often require several hours to identify and address DDoS attacks, recent research from information services and analytics provider Neustar indicated. However, MSSPs that understand the cyber threat landscape can help customers resolve DDoS attacks faster than ever before.

Today's organizations must look beyond DDoS attack identification, Neustar pointed out. Fortunately, MSSPs can provide security services to help customers analyze their security posture and determine the best ways to limit the impact of DDoS attacks.

Organizations also must develop a DDoS protection strategy and implement it across all departments, Neustar recommended. MSSPs can help customers develop effective DDoS protection strategies and ensure an organization's employees are fully prepared to deal with DDoS attacks and other cyber threats.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.