This has been a good month for fighting cybercrime. Don’t get comfortable

As ransomware attacks in the United States and around the world reached a climax in 2021, private companies and governments made vast promises to address and contain such attacks and destroy the cybercriminal ecosystem. The surge in activity in recent weeks highlights progress in these efforts. But cybercrime is still at an all-time high, and researchers warn that there is no single, end-to-end solution.

The Ministry of Justice announced that RaidForums, a marketplace for sensitive stolen data such as usernames and passwords, social security numbers and individual financial information, was shut down last Tuesday. They also said they had indicted the alleged founder and CEO of RaidForums, 21-year-old Diogo Santos Coelho from Portugal, and arrested him on January 31 in the UK. A day later Microsoft said it disrupted the ZLoader botnet, a favored malware distribution platform for ransomware participants, including the Ryuk gang, which is known for targeting hospitals and other healthcare organizations. Microsoft even decided to name the alleged developer of one of the components of ZLoader, who lives in the Crimean peninsula, “to make it clear that cybercriminals will not be allowed to hide behind anonymity on the Internet to commit their crimes.” And during the first week of April, German law enforcement, in cooperation with US agencies, announced the closure of the Russian-language darknet market Hydra. In addition to providing a platform for the sale of drugs and other illegal goods, Hydra was a major hub for cybercriminal money laundering and cashing out.

The takedown of darknet markets and botnets has been going on for many years, but the growing pace and scope of these interventions is noteworthy. For example, after the destruction of Hydra, researchers found that users were concerned about how to replace its services and whether they can trust new sites that may just be fronts for law enforcement.

Allan Liska, an analyst at security firm Recorded Future, says Whac-a-mole is still a good analogy for what’s going on, but that doesn’t mean there hasn’t been progress.

“Forgive me, I’ll stretch the analogy a bit,” he said. “When you first start playing Whac-a-mole, you can’t keep up and the moles keep winning. But if you go to Coney Island every day with a pocket full of quarters, you’ll really succeed in the end. For a long time, law enforcement and Big Tech got a little better each time, but now they seem to be training for Whac-a-mole championships. Over the past few years, we’ve seen an acceleration in takedowns.”

Liska says increased international cooperation, more law enforcement experience with digital operations, and better communication between the public and private individuals have helped improve the situation.

However, cybercrime is a constant threat. At the end of March, the FBI Internet Crime Complaint Center published its annual report on cybercrime-related material received in 2021. The group received 847,376 complaints for a total loss of nearly $7 billion, up 64 percent from 2020. attacks and malicious cyber activity.

However, researchers say that different types of cybercrime need to be dealt with in different ways. For example, the Internet Crime Complaint Center (IC3) stated in its 2021 compendium that nearly $2.4 billion in reported losses were due to business email compromise and email account compromise scams. And such schemes are less technical and much more decentralized than ransomware attacks and other forms of cybercrime.

“When a relatively small number of participants are performing a significant portion of the overall activity, law enforcement intervention can have a noticeable impact on the overall threat landscape,” says Crane Hassold, director of threat intelligence at Abnormal Security and a former digital behavior analyst at the FBI. “But BEC is highly decentralized; there are literally thousands of actors who are very loosely connected – there is no snake head.”

Even when it comes to centralized criminal infrastructure such as dark web marketplaces, malware families and botnets, the Hydra name fits. Law enforcement agencies carry out takedowns and even arrests only to find new versions of the same services that appear later, using the rebuilt infrastructure and managed by the actors in hiding. As Microsoft stated in announcing ZLoader’s demise, “Our intervention is intended to disable ZLoader’s infrastructure and make it difficult for this organized crime group to continue operating. We expect the defendants to make an effort to revive the activities of Zloader.”

However, Recorded Future’s Liska emphasizes that this relentless pace shouldn’t detract from the progress being made by defenders.

“Yes, bad guys can create new things. But we are much better at handling this new material,” he says.

This progress is mainly focused on the types of cybercrime that rely on cryptocurrency to enable mass transfer of value such as ransomware and digital ransomware. However, Hassold adds that BEC scammers use completely separate money mule networks and bank transfer schemes to steal traditional fiat currency.

“It just needs to be approached in a completely different way,” he says. “You can’t even arrest dozens or hundreds of these guys or take care of the main actors because there are no main actors.”

Even though law enforcement is making real progress honing its ability to carry out certain types of enforcement, there is a bigger conceptual problem if more and more Whac-a-mole machines are showing up around you in your local arcade.
