惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

S
Schneier on Security
有赞技术团队
有赞技术团队
T
The Blog of Author Tim Ferriss
F
Fortinet All Blogs
D
DataBreaches.Net
F
Full Disclosure
腾讯CDC
博客园 - 【当耐特】
MyScale Blog
MyScale Blog
Stack Overflow Blog
Stack Overflow Blog
小众软件
小众软件
Hugging Face - Blog
Hugging Face - Blog
Last Week in AI
Last Week in AI
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
爱范儿
爱范儿
The GitHub Blog
The GitHub Blog
Engineering at Meta
Engineering at Meta
大猫的无限游戏
大猫的无限游戏
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
S
SegmentFault 最新的问题
The Register - Security
The Register - Security
WordPress大学
WordPress大学
博客园 - 聂微东
雷峰网
雷峰网
J
Java Code Geeks
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
P
Privacy International News Feed
酷 壳 – CoolShell
酷 壳 – CoolShell
A
Arctic Wolf
Scott Helme
Scott Helme
C
Cyber Attacks, Cyber Crime and Cyber Security
T
Tor Project blog
博客园 - 三生石上(FineUI控件)
Know Your Adversary
Know Your Adversary
AWS News Blog
AWS News Blog
G
Google Developers Blog
www.infosecurity-magazine.com
www.infosecurity-magazine.com
C
CERT Recently Published Vulnerability Notes
O
OpenAI News
Project Zero
Project Zero
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
Application and Cybersecurity Blog
Application and Cybersecurity Blog
云风的 BLOG
云风的 BLOG
N
News and Events Feed by Topic
MongoDB | Blog
MongoDB | Blog
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
Microsoft Security Blog
Microsoft Security Blog
Cisco Talos Blog
Cisco Talos Blog
P
Palo Alto Networks Blog
Schneier on Security
Schneier on Security

University of Cambridge - Cybersecurity

Price of a bot army revealed across hundreds of online platforms AI art protection tools still leave creators at risk, researchers say Whistleblowing tech based on Cambridge research launched by the Guardian Researchers demonstrate the UK’s first long-distance ultra-secure communication over a quantum network Building business partnerships Architecting the future Honour among thieves: the study of a cybercrime marketplace in action Lockdown 'helps fuel rise in cybercrime' Most laptops vulnerable to attack via peripheral devices, say researchers
Prevention better than cure at keeping young users from getting involved in cybercrime
Sarah Collin · 2019-10-21 · via University of Cambridge - Cybersecurity

Highly-targeted messaging campaigns from law enforcement can be surprisingly effective at dissuading young gamers from getting involved in cybercrime, a new study has suggested.

The study, by researchers from the University of Cambridge and University of Strathclyde, looked at four different types of law enforcement interventions, the first evaluation of the their effectiveness for this particular type of cybercrime.

They found that while high-profile arrests and sentencing of cybercriminals only lead to a short drop in the number of attacks taking place, the takedown of infrastructure and targeted messaging campaigns were strongly associated with a sharper and longer-term reduction in attack numbers. The results will be presented today (21 October) at the ACM Internet Measurement Conference in Amsterdam.

For just a few dollars, almost anyone can become involved in cybercrime through the use of ‘booter’ service websites, where users can purchase targeted denial of service (DoS) attacks. A DoS attack generates large amounts of traffic which overwhelm end users or web services, taking them offline.

DoS attacks have been used in the past as a protest tactic, but because of booter services and the relative ease of using them, they are commonly used by users of gaming sites, as a form of retaliation against other users – the largest booter provider carries out between 30,000 and 50,000 such attacks every day.

While DoS attacks are usually targeted at a specific end users, they can often cause collateral damage, knocking out other users or systems.

“Law enforcement are concerned that DoS attacks purchased from a booter site might be like a ‘gateway drug’ to more serious cybercrime,” said Ben Collier from Cambridge’s Department of Computer Science & Technology, the paper’s first author. “A big problem is that there is still relatively little evidence as to what best practice looks like for tackling cybercrime.”

“Even people running booter services think that booting is lame,” said Dr Daniel Thomas from Strathclyde’s Department of Computer and Information Sciences. “This makes the market particularly vulnerable to disruption.”

Collier and his colleagues from the Cambridge Cybercrime Centre used two datasets with granular data about the attacks from booter sites, and modelled how the data correlated with different intervention tactics from the National Crime Agency (NCA) in the UK, the Federal Bureau of Investigation (FBI) in the US, and other international law enforcement agencies.

While operating a booter service or purchasing a DoS attack is illegal in most jurisdictions, earlier research has found that most booter operators were unconcerned about the possibility of police action against them.

The researchers found that arrests only had a short-term effects on the volume of DoS attacks – about two weeks – at which point activity went back to normal. Sentencing had no widespread effect, as attackers in one country weren’t affected by sentences in another country.

Taking down infrastructure – as the FBI did at the end of 2018 – had a far more noticeable effect, and suppressed the booter market for months. “This FBI action also reshaped the market: before, it was what you’d expect in a mature ecosystem, where there several large booter services and lots of smaller ones,” said Collier. “But now there’s really just one large booter service provider, and you’re starting to see a few smaller ones start to come back.”

The most interesting results were around targeted messaging. From late December 2017 to June 2018, the NCA bought targeted Google adverts aimed at young men in the UK. When a user searched for booter services, a targeted advert popped up, explaining that DoS attacks are illegal.

“It’s surprising, but it seems to work, like a type of digital guardianship,” said Collier. “At the exact moment you get curious about getting involved in cybercrime, you get a little tap on the shoulder.

“It might not work for people who are already involved in this type of cybercrime, but it appeared to dramatically decrease the numbers of new people getting involved.”

While the researchers say this evidence suggests that targeted online messaging has the potential to be a potent tool for preventing crime, it also poses questions about what accountability structures might be required for its wider use as a police tactic.

This has already had direct policy impact, and the FBI and NCA have used this research to inform their strategies for dealing with booter services.

The research was supported by the Engineering and Physical Sciences Research Council.

Reference:
Ben Collier, Daniel Thomas, Richard Clayton and Alice Hutchings. ‘Booting the Booters: Evaluating the Effects of Police Interventions in the Market for Denial-of-Service Attacks.’ Paper presented at the ACM Internet Measurement Conference 2019. Amsterdam, the Netherlands.