October 23, 2015

Can bounty hunters stop the DDoS gangs?

Chris Boyd, malware intelligence analyst at Malwarebytes, was pretty clear when he told SCMagazineUK.com that “bounties to turn in criminals seems like a great way to potentially cause more problems than they solve. We’d be better served trying to figure out how an attack took place and steps to mitigate in future, instead of jumping on the ‘Who did it’ bandwagon so commonly seen in APT discussions.” Boyd went even further, suggesting that introducing amateur hour detective work into financial incentives is something to steer clear of, and the bottom line decision of who is responsible should be left to law enforcement. “A company may say they won’t pay a ransom, but how can they be sure criminals won’t cook up convincing fake identities, launch an attack, and claim a reward for pinning it on the fictitious entity responsible?” Boyd concludes.

Read More