National Crime Agency tricks cyber-criminals

The National Crime Agency has infiltrated a cyber crime marketplace by setting up websites pretending to offer the tools needed to mount distributed denial of service (DDoS) attacks.

The sting, known as Operation PowerOff, was a honey trap for hackers and saw several thousand people have accessed these websites, which offer what are known as DDoS-for-hire or “booter” services. The details of people that have registered with the fake website have been collated by investigators.

The NCA has now identified one of the websites it was running, replacing it with a message that the users have had their data collected and “will be contacted by law enforcement” for a quite word.

In the UK will be contacted by the NCA or police and warned about engaging in cyber crime, while the details of those overseas are being passed to international law enforcement.

NCA’s National Cyber Crime Unit Alan Merrett said “booter services” are a key enabler of cyber crime. “The perceived anonymity and ease of use afforded by these services means that DDoS has become an attractive entry-level crime, allowing individuals with little technical ability to commit cyber offences with ease,” he said.

Merrett added that traditional site takedowns and arrests are key components of law enforcement’s response to threats, but said: “We have extended our operational capability with this activity, at the same time as undermining trust in the criminal market.”

The NCA said it will not reveal how many sites it has or for how long they have been running. Merrett said: “Going forward, people who wish to use these services can’t be sure who is actually behind them, so why take the risk?”