The National Crime Agency (NCA) has announced that it has successfully infiltrated several online criminal marketplaces that offer Distributed Denial of Service (DDoS)-for-hire or ‘booter’ services.
These services allow users to easily set up accounts and order DDoS attacks in a matter of minutes, which can cause significant harm to businesses, critical national infrastructure, and prevent people from accessing essential public services.
What are DDoS-For-Hire or ‘Booter’ Services?
DDoS attacks are illegal in the UK under the Computer Misuse Act 1990, as they are designed to overwhelm websites and force them offline. DDoS-for-hire or ‘booter’ services make it easy for individuals with little technical ability to commit cyber offences by offering perceived anonymity and ease of use. These services have become an attractive entry-level crime that enables cybercrime.
The NCA’s Infiltration of Criminal Online Marketplaces
To combat this threat, the NCA has created several fake websites that appear to offer tools and services for executing DDoS attacks. These sites have so far been accessed by several thousand people, and once users register, their data is collated by investigators rather than being given access to cybercrime tools. Users based in the UK will be contacted by the National Crime Agency or police and warned about engaging in cybercrime. Information relating to those based overseas is being passed to international law enforcement.
The Risks of DDoS Attacks
DDoS attacks have the potential to cause significant harm to businesses and critical national infrastructure. They often prevent people from accessing essential public services and can disrupt everyday life. Traditional site takedowns and arrests are key components of law enforcement’s response to this threat. However, the NCA’s infiltration of criminal online marketplaces provides an extended operational capability that undermines trust in the criminal market.
International Collaboration in Operation Power Off
This activity is part of Operation Power Off, a coordinated international response targeting criminal DDoS-for-hire infrastructures worldwide. In December last year, 48 of the world’s most popular booter sites were taken offline by the FBI, following close collaboration with the National Crime Agency, Netherlands Police, and Europol.
The NCA also arrested an 18-year-old man in Devon, who was suspected of being an administrator of one of the sites. The sites seized were the biggest DDoS-for-hire services on the market, with one having been used to carry out over 30 million attacks.
In conclusion, the NCA’s infiltration of criminal online marketplaces is a significant step towards combating cybercrime. By undermining trust in the criminal market, law enforcement agencies are making it more difficult for individuals to engage in illegal activities. International collaboration in Operation Power Off highlights the importance of working together to combat this threat and protect businesses, critical national infrastructure, and public services.