Posted on February 22, 2020 at 1:43 PM
The political structure within the US is an extraordinary, polarizing system. While it has its upsides and drawbacks, like any other major political system, the polarizing nature of US politics causes a few unique events to occur.
Today, a California man was arrested and has been charged with using a distributed denial-of-service (DDoS) attack to take down the website of a congressional candidate. This candidate was the direct rival of the candidate that employed this man’s wife.
Attempted Political Alteration
The man in question, Arthur Jan Dam, comes from Santa Monica. FBI Agents arrested the 32-year-old on Thursday. The criminal complaint that was filed in the federal court of Los Angeles According to the complaint, Dam initiated a DDoS attack on the website of the candidate that went against Katie Hill during the 2018 primary election. The DDoS, reported through The Intercept, could’ve been a significant factor in Hill’s victory.
Hill only won with less than 3,000 votes, then proceeded to flip the republican-held seat in the general election. In a sad twist of fate, Hill was later forced to resign due to nude photos of her having been published without her consent on the internet. Things like that never go away.
A “Helping” Hand
The apparent motivation for this DDoS attack, according to The Intercept’s report, was due to his marital status. Dam was married to none other than Kelsey O’Hara, the fundraiser for Hill’s campaign. With that as enough apparent motivation, Dam initiated four DDoS attacks in total against Bryan Caforio, Hill’s rival within the primary.
Caforio was forced to dock out anything between $27,000 and $30,000 to respond to the service outages, clocking in at 21 hours. The overarching effect of this is that California gained fewer campaign contributions than he could have gained initially.
As reported by the Rolling Stone, the FBI has yet to uncover evidence that Dam’s wife or Hill herself had involved themselves with the attacks. As far as can be determined, this was spurred out of Dam’s own initiative, though what was the catalyst will doubtless stay a mystery.
Big Ideas, Big Mistakes
The attacks themselves were tracked to servers based on the Amazon Web Services. After the FBI tracked that down, it was easy to detect which account controlled the servers themselves.
Having traced the account back to Dam, it was further uncovered by the FBI that the IP address used was from Dam’s home and workplace. The nail in the coffin for Dam is the fact that he started to search the web for topics and tools related to DDoS.
These searches include things like “Slow Loris,” “Juniper ex3300”, as well as “Slow Loris nodejs.”Other concerning internet searches include terms that involve computer exploits. Luckily, it isn’t suspected that he used said computer exploits. As you can tell, the man wasn’t particularly clever with his tactics.
He did, however, try and cover his tracks. Some of these attacks had their packet headers spoofed to try and give the impression that the massive influx of traffic came from legitimate sources within the US. Places like USA Today, Google, and Engadget were spoofed to try and bring forth the veneer of legitimacy to the attack.
One of these DDoS attacks came just an hour before the candidate had to partake in an election debate. As a result, Caforio was forced to leverage social media platforms to make his public statements, hours after the fact.
This story was quite an interesting one, indeed. US politics is a strange beast in and of itself, and stories like this only testify to it. There seems to be no external motivation as to why Dam did this. It’s just a tactic he thought up on his own, it seems.