Bad Actors Largely Unchecked in Cybercrime Efforts

By Matthew Hines  |  Posted 2009-10-15 Print this article Print

Despite ongoing efforts to improve international law enforcement in the arena of cybercrime, the groups and individuals at the top of the electronic criminal food chain are not being stopped, or even slowed down, experts contend.

Just ahead of the 36th annual CSI security conference being held in Washington Oct. 24-30, Alex Lanstein, security researcher with anti-malware and botnet specialist FireEye previewed some of the conclusions that he plans to share during his presentation at the event.

Lanstein is planning to address the reality that top cyber-criminals, or so-called "bad actors," continue to run roughshod over the Web with little concern of being stopped by anyone.

While end users and organizations are doing more than ever to try to protect themselves online, a lack of any ability to catch and prosecute most cyber-criminals is allowing them to continue to have their way, he said.

"Cybercriminals are making millions stealing tangible dollars from actual consumers, targeting companies by leveraging both DDoS attacks and the threat of confidential information leakage, the hijacking of computing resources for illegitimate hosting and sending spam, and perhaps worst, performing cyber-espionage against government agencies," Lanstein said. "The monetization possibilities of malware and botnets are so numerous that the creativity of the cyber-criminal is the only limit on their impact at this point."

The international nature of cybercrime and criminal syndicates is making it impossible for law enforcement to have a noticeable affect on the problem, as bad actors use widely distributed botnet infrastructure and malware distribution techniques to distance themselves from their work and their targets.

Security researchers and regulators have had some success in trying to shutter shady ISPs and hosting companies that are allowing criminals to abuse their services, but as soon as someone gets shutdown -- a la the takedown of ISP McColo last year -- attackers are able to merely move their operations over to another provider who has yet to garner widespread attention.

Despite the lack of significant progress thus far, Lanstein said that law enforcement agencies and their partners need to continue to go after criminals by targeting their infrastructure channels. However, those efforts need to be far more aggressive and far reaching.

And increased cooperation among governments, regulators and law enforcement organizations in thwarting cybercrime will play a critical role, he said.

"Decisive action against bad actors has had the most effect when it directly hits their pain point, which as always, is their pocketbook," Lanstein said. "Increasing the cost of hosting fake Web sites and botnet command and control servers will go up with any increased risk of prosecution by law enforcement."

"By raising the cost of doing business, cyber crime can continue to be pushed out of the dark corners of the Internet into the more public facing infrastructures, where it is more easily combated."

Unfortunately, while experts like Lanstein have been calling for such action for years, government policy makers and Web regulators like ICANN haven't made fighting cyber crime enough of a priority to have any substantive affect.

Follow eWeek Security Watch on Twitter at: eWeekSecWatch.

Matt Hines has been following the IT industry for over a decade as a reporter and blogger, and has been specifically focused on the security space since 2003, including a previous stint writing for eWeek and contributing to the Security Watch blog. Hines is currently employed as marketing communications manager at Core Security Technologies, a Boston-based maker of security testing software. The views expressed herein do not necessarily represent the views of Core Security, and neither the company, nor its products and services will be actively discussed in the blog. Please send news, research or tips to |

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel