The owner of Cybersecurity firm BackConnect turned from cyber defender to cyber criminal – He is now reaping what he sowed.
A Macon, Georgia-based businessman, Tucker Preston, has confessed to co-founding a cybersecurity firm BackConnect with the mission of protecting firms from distributed denial of service attacks or as commonly known as DDoS attacks but eventually hiring cybercriminals to launch DDoS attacks against a New Jersey-based company.
Preston, reportedly, paid cybercriminals for this DDoS-for-hire service in which series of attacks were launched between Dec 2015 and Feb 2015. Perhaps, Preston took his company’s mission statement of setting “new industry standard in DDoS mitigation” a bit too seriously.
It is worth noting that in DDoS attacks, a website is bombarded with a high volume of internet traffic until it stops functioning and eventually goes offline.
According to blogger Brian Krebs, Preston was accused of targeting an unidentified firm with DDoS attacks by a New Jersey court. The 22-year old has pleaded guilty [PDF] to one count of causing damage to protected computers through transmitting a command, program, or code and incurring damage of up to $5,000 to the targeted company.
He can get up to 10 years of jail time and around $250,000 in fine or twice the amount of the gross loss or gain from the attack. He is due to be sentenced on 7 May 2020.
The Department of Justice released an official statement on January 16, which read:
“In or around December 2015, Preston arranged for an entity that engages in DDoS attacks to initiate attacks against a company. The entity directed DDoS attacks against the victim company, causing damage and disrupting the victim’s business.”
BackConnect Security LLC was featured on Krebs’ blog KrebsOnSecurity back in 2016, which provided in-depth details on how the company was involved in hijacking internet space to protect its clients from DDoS attacks.