Even if you detect and repel a cyber-attack against your systems there is the added complication of whether or not to involve law enforcement in the case. For many this brings more work for potentially little return given the difficulty, especially in cross jurisdiction cases, law enforcement can have in attributing the attack, arresting those behind the attack, and for the courts to sentence them. So many companies decide to simply deal with the attack, clean up their systems, and continue with business as usual. For many, involving law enforcement is a timely exercise which may not result in those responsible being brought to justice.
However, recently I've noted a subtle addition to many of the news stories seen in various publications over the past number of weeks. These stories give a glimmer of hope that all is not lost and that cyber-criminals may not be as untouchable as they thought.
Over the past number of weeks we have seen a series of arrests, court cases, and convictions where those who have been involved in cyber-crime have been brought to justice, these include;
While the number of arrests and convictions is very welcoming to see, for me there is more behind the headlines that gives cause to celebrate. In particular, those cases involving multiple police forces working across different jurisdictions. The cooperation demonstrated in these international operations is heartening to see. In addition, the lessons learned from them can be brought to bear on future operations to increase their likelihood of success. Each arrest in many cases will also provide a treasure trove of intelligence and data that law enforcement can use to identify other criminal gangs.
Working in information security can lead us to often look at the negative aspect of the business. Sometimes though, it is good to look at the positive side and enjoy the victories that do arise.