With cybercrime being a global problem, law enforcement agencies in the United States and the United Kingdom have intensified their efforts to share information and combat illicit activity.
Recently, the Federal Bureau of Investigation (FBI) released a Distributed Denial of Service (DDoS) alert regarding “stresser/booter” services. These DDoS-for-hire services can be leveraged by cyber criminals, pranksters and hacktivists to conduct large-scale cyber-attacks designed to take down business and government websites.
DDoS attacks force targeted websites to become slow or inaccessible. These attacks prevent people from accessing online accounts, disrupt business activities and can create significant costs for companies that fall victim. They can also have a long-term effect on revenue, as DDoS attacks can cost these organizations their customers.
As we see cybercrime continue to rise and take new forms, it appears both the FBI and their U.K. allies are aggregating a new database in efforts to curb this growing threat. Let’s take a look at what this news might mean for your organization.
Beware Third-Party Security
Stresser/booter websites are often marketed as tools for testing websites against a real, albeit controlled, DDoS attack. Users can visit a stresser/booter site, apply to have their website tested and gain valuable security insights from the experiment.
However, recently there have been several arrests of alleged stresser/booter operators using their services nefariously. For example, the FBI requested that the Israeli police arrest two 18-year old men in connection with an investigation of a website which provided DDoS attacks “on-demand” for sale to bad-actors. Last year, a 19-year-old in England who ran a stresser called “Titanium Stresser” was found to have distributed the service internationally to cybercriminals who used the service to launch 1.8 million DDoS attacks over a two-year period.
Europol, the European Union’s agency for law enforcement cooperation, has found that DDoS attacks are not only on the rise but growing in their scope and threat. The 2016 Internet Organized Crime Assessment even notes stresser/booter sites as one of the top cybercrime challenges police are currently battling.
Despite data to illustrate the rise of these threats, British law enforcement officials estimate that about 90% of cybercrime isn’t reported to officials. Hopefully, this new database will help law enforcement make connections between previously unreported crimes.
Share Information, Protect Yourself
While efforts being made by the FBI to create an international database of bad-actors is a promising start, they’re by no means prepared to protect businesses today.
From faux-third party stresser/booter services to everyday phishing attempts and social engineering scams, businesses need to take their security into their own hands. Services like our Security Awareness Training can help you and your employees recognize these attacks and avoid falling victim to them, and our Managed Security Services can help you identify attacks as they are happening, allowing you to take action before disaster strikes.
Through regular trainings and creating a culture of security, businesses have plenty of tools to protect themselves from external threats. However, for the time being, our domestic and international watchdogs are behind the curve when it comes to anticipating criminal activity. For businesses considering a new approach to cybersecurity, don’t wait. The criminals won’t.