Where is Liam Neeson à la Taken (and don’t forget Taken 2: Someone Else Gets Taken) when you need someone to handle a kidnapping? Or in Meetup.com’s current scenario, a sitenapping? The site has been down since Thursday, citing a wave of distributed denial of service (DDoS) attacks. But in a blog today, the company said it’s not going to pay a $300 ransom to the hackers responsible to get its site back.
Meetup says on its company blog that it’s working hard to restore the site, and that no personal data has been leaked as a result of the hack, which has overwhelmed the site with traffic, knocking it offline for the last four days.
The company’s CEO Scott Heiferman writes that the first wave of attacks started on Thursday morning, when he received an email from someone saying he’d been asked to perform the DDoS on the site.
“I can stop the attack for $300 USD. Let me know if you are interested in my offer,” the email read.
Heiferman says that’s when the attack began, taking the site down quickly. Despite the fact that the site remains down, Meetup won’t pay the ransom, he writes, for a few reasons:
1. We made a decision not to negotiate with criminals.
2. The extortion dollar amount suggests this to be the work of amateurs, but the attack is sophisticated. We believe this lowball amount is a trick to see if we are the kind of target who would pay. We believe if we pay, the criminals would simply demand much more.
3. Payment could make us (and all well-meaning organizations like us) a target for further extortion demands as word spreads in the criminal world.
4. We are confident we can protect Meetup from this aggressive attack, even if it will take time.
He adds that though Meetup won’t pay the ransom, that doesn’t mean the site won’t be back up and reliable soon.
“We’ll continue to work diligently to restore the site and the apps, to bring back all features, and to minimize the effects of the service outages.”
Liam! We need your very special set of skills.