Three weeks ago I wrote about an implied denial of service threat I received from a belligerent moron who failed to convince me that taggers are not morons. I followed the advice I received and reported the threat to CERT, who responded the next day and advised me to report the threat to the AFP.
I did so, and waited. And waited… Three weeks later I received a brief response. Either they are very busy or they don’t know or care about providing any kind of customer service. Either way, I am not impressed with the three week wait or their advice, which is that making a denial of service attack threat is not a crime.
How can that be true? I thought making a threat to perform any crime is a form of blackmail that makes performing the threat itself a crime. Apparently not. So, according to the AFP, feel free to threaten any website publisher with a denial of service attack if they don’t publish your puerile comments.
They also don’t seem to understand the difference between an ISP and a hosting provider, which suggests they are ignorant and incompetent.
The complete email from the AFP is below:
Good Morning Brian,
Thank you for your correspondence to the Australian Federal Police (AFP).
The AFP is the primary law enforcement agency that investigates breaches of Commonwealth Law, of a criminal nature, that directly affect the Commonwealth of Australia.
Your information has been reviewed by High Tech Crime Operations (HTCO) and we advise the following:
-It is not an offence to threaten a DDoS attack.
-There is insufficient evidence to suggest that the call you received relates to the DDoS threat.
-Recommend you contact CERT Australia, which you have already done.
-HTCO further recommend you contact your internet service provider (ISP) and request to have protection placed on your site to minimise/reduce issues arising from DOS/DDoS attacks.
As there has been no Commonwealth Offence identified, the AFP intends to take no further action.
OPERATIONS MONITORING CENTRE
AUSTRALIAN FEDERAL POLICE
Given the three weeks that have passed, and nothing further has happened, reporting the threat to my hosting provider seems pointless. As was asking for the advice of the AFP…