Russian Cybercriminals: A New Approach to Disruption
Psychological Tactics Against Hackers
Russian hackers have long been a menace, launching severe ransomware attacks. Recently, investigators have started using psychological tactics to disrupt these cybercriminals. Essentially, they are trolling the hackers.
Creating Distrust Among Hackers
Western law enforcement is now employing psychological measures to slow down Russian hackers. These tactics include eroding the limited trust among criminals, driving wedges between hacker egos, and sending personalized messages to show they are being watched.
“We’re never going to get to the kernel of these organized criminal gangs, but if we can minimize the impact they have by reducing their ability to scale, then that’s a good thing,” says Don Smith, vice president of threat research at security firm Secureworks. “All of these little things, which in themselves may not be a killer blow, they all add friction,” he says. “You can look for cracks, amplify them, and create further discord and mistrust so it slows down what the bad guys are doing.”
Operation Cronos: A Case Study
In February, a global law enforcement operation led by the UK’s National Crime Agency (NCA) targeted the LockBit ransomware group. They published images of LockBit’s administration system and internal conversations, revealing usernames and login details. This operation shattered LockBit’s anonymity and undermined its brand.
“LockBit prided itself on its brand and anonymity, valuing these things above anything else,” says Paul Foster, director of threat leadership at the NCA. “Our operation has shattered that anonymity and completely undermined the brand, driving cybercriminals away from using their services.”
Impact on Cybercriminals
When LockBit members logged into their systems, they received messages showing authorities had gathered their details. This has caused divisions among hackers, making it harder for them to organize. The NCA’s actions have led to widespread mockery of LockBit online, making its brand toxic.
Psychological Research in Cybersecurity
The US Intelligence Community’s research agency, the Intelligence Advanced Research Projects Activity (Iarpa), is working on a project to create new cybersecurity defenses by exploiting the human weaknesses of attackers. This research aims to build tools and methods based on established psychology principles to disrupt cybercriminals.
“If you can deter somebody from attacking your network, that’s about as good as it gets,” Ferguson-Walter says. “I think the more scared or uncertain they are about how the defenses work, the better your odds for doing that are.”
Conclusion
By using psychological tactics alongside traditional technical measures, law enforcement is finding new ways to disrupt cybercriminals. These efforts are creating distrust among hackers and making it harder for them to operate, ultimately enhancing cybersecurity.
1 Comment
Finally cracking down on those keyboard warriors!