Honeypot Sting Exposes British Cyber Criminals

Thousands of suspected cyber criminals have been exposed their identities after falling for a honeypot sting run by Britain's National Crime Agency (NCA). This activity forms part of Operation Power Off, the coordinated international response targeting criminal DDoS-for-hire infrastructures worldwide.

The operation was part of a global law enforcement operation to clamp down on cyber criminals using Distributed Denial of Service (DDoS) tactics to target online businesses and users. The operation saw several fake websites created purporting to offer services to cyber criminals.

The NCA said it created several fake DDoS-for-fire websites. “All of the NCA-run sites, which have so far been accessed by around several thousand people, have been created to look like they offer the tools and services that enable cyber criminals to execute these attacks,” the agency said in a statement.  

DDoS-for-hire services are online platforms offering to generate massive garbage HTTP requests towards a website or online service in exchange for money that overwhelm the webserver and take it offline.

During the operation, the NCA said that “several thousand” people accessed the websites and provided details in order to access criminal services. Investigators revealed that details given by prospective customers have been collated and will be used to target criminals. “All of the NCA-run sites, which have so far been accessed by around several thousand people, have been created to look like they offer the tools and services that enable cyber criminals to execute these attacks,” the NCA said.  

DDoS-for-hire services enable users to set up accounts and coordinate DDoS attacks “in a matter of minutes”, according to the NCA.  Such attacks have been highly effective in hacking businesses, critical national infrastructure, and public services.

Collectively, the sites taken down in this operation were used to carry out more than 30 million attacks in recent years. 

Alan Merrett from the NCA’s National Cyber Crime Unit commented “The perceived anonymity and ease of use afforded by these services means that DDoS has become an attractive entry-level crime, allowing individuals with little technical ability to commit cyber offences with eased... Traditional site takedowns and arrests are key components of law enforcement’s response to this threat. However, we have extended our operational capability with this activity, at the same time as undermining trust in the criminal market.” 

The NCA explained that while takedowns and arrests are still a key component of the fight against the threat, their latest tactics extend the impact of their operations to undermine trust in criminal markets and stop DDoS attacks at their source.

The move by the NCA follows a recent crackdown on DDoS-for-hire services globally. In December last year, 48 of the world’s most popular sites were taken offline in a coordinated sting involving the FBI, NCA, and Europol.

NCA:    ITPro:      PCMag:     Bleeping Computer:     Insurance Tines:     

You Might Also Read: 

Conflict Drives A Significant Increase In DDoS Attacks:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« New Webinar: Next-generation Firewalls
Universities Are Exposing Their Students To Cyber Threats »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CloudCheckr

CloudCheckr

CloudCheckr is a next-gen cloud management platform that unifies Security & Compliance, Inventory & Utilization and Cost Management.

Green Hills Software

Green Hills Software

Green Hills Software is the largest independent vendor of embedded secure software solutions for applications including the Internet of Things.

Azeti Networks

Azeti Networks

Azeti Networks is a global provider of IoT technology to a variety of verticals including telecomms, oil/gas, manufacturing, finance and healthcare.

Norton

Norton

NortonLifeLock is dedicated to helping secure the devices, identities, online privacy, and home and family needs of approximately 50 million consumers.

Terranova Security

Terranova Security

Terranova is dedicated to providing information security awareness programs customized to your internal policies and procedures.

Digital Ship

Digital Ship

Digital Ship provides news, information, conferences and events focused on digital ship systems, information technology and security relating to maritime operations.

Travelers

Travelers

Travelers is a leading writer of US commercial property casualty insurance and one of the world’s largest global insurers for cyber insurance.

ShieldIOT

ShieldIOT

ShieldIOT delivers a complete AI-powered security solution across any IoT device, application and network.

LeadingIT

LeadingIT

Leading IT provides IT support, cloud computing, email support, cybersecurity, networking and firewall services to Chicagoland businesses.

Nucleon Security

Nucleon Security

Nucleon Endpoint Detection and Response EDR is the most effective way to protect the value created by your organization against any threat.

Route1

Route1

Route1 is an advanced provider of secure data intelligence solutions to drive your business forward.

Patriot Consulting Technology Group

Patriot Consulting Technology Group

Patriot Consulting's mission is to help our clients manage cybersecurity risk through secure deployments of Microsoft 365.

LOCH Technologies

LOCH Technologies

LOCH Wireless Machine Vision platform delivers next generation cybersecurity, performance monitoring, and cost management for all 5G and for broad-spectrum IoT, IoMT and OT wireless environments.

Simbian

Simbian

Simbian, with its hardened TrustedLLM system, is the first to accelerate security by empowering every member of a security team from the C-Suite to frontline practitioners.

Atlas Systems

Atlas Systems

Atlas Systems helps companies large and small accelerate their digital transformation journeys – expanding their capabilities and delivering tailored solutions including cybersecurity.

SGS Brightsight

SGS Brightsight

SGS Brightsight is the largest independent security evaluation lab in the world, with ten recognised labs worldwide.