A federal court in Boston on Tuesday heard charges that 32-year-old John Bombard of Seminole used a variant of the Gaobot e-mail worm to turn computers–including systems at two universities whose names have not been disclosed–into an arsenal of "zombies" or "bots" that he could control remotely.

He then used this network of hijacked computers, known as a "botnet," to send a massive amount of traffic to the domain name system (DNS) servers of the Global Traffic Management division of Akamai, prosecutors alleged. Cambridge, Mass.-based Akamai provides caching services for Web sites belonging to big-name companies like Yahoo, Google, Microsoft and Apple Computers, among others.

This distributed denial-of-service attack, launched June 15, 2004, rendered many of Akamai’s clients’ Web sites temporarily inaccessible, according to the charges.

The charges of hacking, or "intentionally accessing a protected computer without authorization," carry potential penalties of up to two years’ imprisonment and a $200,000 fine.

The case comes as botnet controllers are using increasingly sophisticated tactics. Major arrests were made over the summer, but attackers have kept up by writing new worms to maintain their zombie armies. In the meantime, Web browser manufacturers are striving to introduce more secure upgrades, like Microsoft Internet Explorer 7.

Authorities in Russia have gaoled a gang of cyber-criminals who blackmailed online companies through distributed denial-of-service (DDoS) attacks.

The gang is said to have extorted more than $5000 from British online casinos and betting shops after threatening to attack their websites and render them inaccessible to the outside world.

Ivan Maksakov, Alexander Petrov and Denis Stepanov were each sentenced to eight years in prison and fined nearly $5000.

Victims of the online blackmail gang included Canbet Sports Bookmakers, which refused to pay a $12,500 ransom demand and had its website taken out of action by the hackers.

The DDoS attack coincided with the Breeders’ Cup, costing Canbet more than $250,000 in lost business for each day of downtime.

According to prosecutors, the gang made over 50 similar blackmail attacks in 30 countries during their six-month spree.

"Malicious DDoS attacks on commercial websites can cause serious financial damage to the businesses affected, and are a major nuisance to internet users," said Graham Cluley, senior technology consultant at Sophos.

"These sentences should send a strong message to other hackers considering online blackmail, that they can expect stiff sentences if caught.

"However, many gangs may believe that the relative anonymity of the internet gives them carte blanche to carry on. All computer users should ensure that they have secure defences in place to protect against abuse like this."