It's official, the US is now considering ransomware attacks equivalent to terrorism when it comes
Krebs on Security has an article published on October 16th from this year (I know I am behind) detailing the attack of a known black market card fraud site BriansClub. What is interesting about this whole hack is that it is not some vigilante group going after the site to save consumers, but rather it is a rival black market operation trying to sabotage the operations of one of their competitors. In essence, this was a business decision made by one of BriansClub’s competitors to try and take them out of business. It’s similar two warring cartels attacking each other until the other doesn’t have the resources or the people to continue operations.
This does beg the question though, why not make offensive operations against these kinds of sites the norm, not the outlier? In the financial services industry we have a number of cybersecurity information sharing organizations, maybe it is time to establish an offensive cyber operations organization that doesn’t just share information about known threats but actively seeks them out and attempts to disrupt illegal operations. Of course there are potential pitfalls with this type of setup. The efforts of this type of group would have to be carefully watched by both the industry and law enforcement to ensure the operations were focused solely against illegal operations in the dark web. The last thing you would want would be to have a group that was supposed to protect consumers decide to go rogue.
Risks aside, it seems like it is time to open up and publicly establish more direct industry operations against these criminal elements. Sharing information will never prevent fraud, these sites have to be shown it isn’t worth operating because they will be taken down before they can ever make any money.