Sudanese Individuals Face Charges for Massive DDoS Attack Campaign in LA


Two Sudanese nationals face severe charges in Los Angeles, accused of launching over 35,000 cyberattacks that disrupted infrastructure around the world.

At a Glance

  • Ahmed Salah Yousif Omer and Alaa Salah Yusuuf Omer were indicted for cyberattacks linked to Anonymous Sudan.
  • Anonymous Sudan targeted vital infrastructure, including U.S. government agencies and healthcare facilities.
  • Operations harmed critical services, causing $10 million in damages to U.S. entities.
  • An international investigation led to the seizure of their DDoS tool and the arrest of the brothers.

Indictment and Charges

A federal grand jury in Los Angeles has indicted Ahmed Salah Yousif Omer and Alaa Salah Yusuuf Omer, Sudanese nationals and alleged members of Anonymous Sudan, on cybercrime charges. Prosecutors allege involvement in over 35,000 Distributed Denial of Service (DDoS) attacks affecting networks across healthcare, government, and corporate sectors. The indictment, filed in federal court in Los Angeles, accuses them of a conspiracy that disrupted vital services and caused operational chaos. Their alleged actions underscore the persistent threat of international cybercriminals.

Victims included notable entities such as Cedars-Sinai Medical Center, the U.S. Department of Justice, the Department of Defense, the State Department, and private corporations like Microsoft and Riot Games. The attack on Cedars-Sinai notably impaired medical operations, while disruptions in other sectors emphasized the digital vulnerabilities faced today. These operations reflect significant risks to infrastructure security and critical services globally.

FBI and Global Response

The U.S. Attorney’s Office and FBI coordinated with international law enforcement through Operation PowerOFF to dismantle the cybercriminal network. In March 2024, authorities seized and disabled Anonymous Sudan’s DDoS tool, halting further attacks. These efforts involved cooperation with tech companies such as Akamai, Amazon Web Services, and Cloudflare, highlighting the collaborative strategy essential for modern cybersecurity defenses.

The investigation traced communications to Telegram, noting up to 80,000 users subscribed to Anonymous Sudan’s updates. This vast network reflects sophisticated methods employed by cybercriminals to expand their reach and maintain operational secrecy. Such insights are crucial for law enforcement in preempting further cyber threats.

Legal and Security Implications

The legal proceedings foreshadow potential precedent-setting decisions. If convicted, Ahmed Salah faces life imprisonment and Alaa faces up to five years. These potential sentences reflect the gravity of the alleged cybercrimes. The indictment exemplifies efforts to hold accountable those who endanger public safety and national security through digital channels. Although the brothers were detained abroad earlier in March, specifics on their extradition remain undisclosed.

Efforts by U.S. and international partners to disable the Distributed Cloud Attack Tool (DCAT) play a crucial role in preventing future cyber threats. These developments are pivotal in protecting global infrastructure from similar attacks, stressing the need for ongoing vigilance and innovative security solutions in a connected world.
