What’s the best way to stop young gamers slipping into a life of cybercrime? Google ads from the cops, apparently.
That’s according to a study from the Universities of Cambridge and Strathclyde which looked at four different types of law enforcement interventions.
It found that high-profile arrests and sentencing of cybercriminals only lead to a short drop in the number of attacks taking place from other budding miscreants, whereas the takedown of infrastructure and targeted messaging campaigns were strongly associated with a sharper and longer-term reduction in attack numbers.
For just a few dollars, almost anyone can become involved in cybercrime through the use of “booter” service websites, where users can purchase targeted denial-of-service (DoS) attacks, the press release explained.
Booter services are commonly seized upon by users of gaming sites as a form of retaliation against others – the largest booter provider carries out between 30,000 and 50,000 such attacks every day, it said.
Ben Collier, from Cambridge’s Department of Computer Science & Technology and the paper’s first author, said: “Law enforcement are concerned that DoS attacks purchased from a booter site might be like a ‘gateway drug’ to more serious cybercrime. A big problem is that there is still relatively little evidence as to what best practice looks like for tackling cybercrime.”
The researchers used two datasets with granular data about the attacks from booter sites, and modelled how the data correlated with different intervention tactics from the National Crime Agency (NCA) in the UK, the Federal Bureau of Investigation (FBI) in the US, and other law enforcement agencies around the world.
They found that arrests only had short-term effects on the volume of DoS attacks – about two weeks – at which point activity went back to normal. Sentencing had no widespread effect as attackers in one country weren’t affected by punishments in another country.
Taking down infrastructure – as the FBI did at the end of 2018 – had a far more noticeable effect and suppressed the booter market for months.
Now there’s really just one large booter service provider, with a few smaller ones starting to come back, said Collier.
But failing that, there’s also targeted messaging. From late December 2017 to June 2018, the NCA bought targeted Google adverts aimed at young men in the UK. When a user searched for booter services, a targeted advert popped up, explaining that DoS attacks are illegal.
“It’s surprising, but it seems to work, like a type of digital guardianship,” said Collier. “At the exact moment you get curious about getting involved in cybercrime, you get a little tap on the shoulder.
“It might not work for people who are already involved in this type of cybercrime, but it appeared to dramatically decrease the numbers of new people getting involved.”
The results are to to be presented today (21 October) at the ACM Internet Measurement Conference in Amsterdam. ®