There is not a day that goes by that we read about how ineffective law enforcement is against cyber criminals, who openly sell stolen credit card information or other personal information about consumers. Since most cyber criminals work out of foreign countries, trying to coordinate law enforcement agencies from different countries can be difficult.

Two grad students over at Carneigie Mellon University have an interesting idea on how to stem cyber criminal activity. They suggest that law enforcement should infiltrate the cyber criminals home where stolen information is sold and pose as crooks. The thinking is that by doing this , law enforcement will be able to provide false information and false transactions with the hopes of fostering distrust and dishonesty among the criminals themselves. In the paper it states:

Underground markets represent a substantial security threat. Previous approaches for disrupting underground markets have focused on standard law enforcement activities such as locating and disabling hosting infrastructure or identifying and arresting market participants [17]. These techniques face numerous social and technological hurdles which limit their success and result in substantial associated costs. For example, disabling the hosting infrastructure for a market may require multi-national cooperation, which can be time and resource consuming. Furthermore, nations may refuse to cooperate with foreign law enforcement agencies or may lack appropriate laws for prosecution. Even in the case where law en forcement techniques have succeeded in disrupting an underground market, the markets often re-emerge under new administration with a new “bulletproof” hosting infrastructure. Identifying and arresting key players also includes a host of associated complexities and costs, such as tracing individuals through chains of compromised hosts and the cost of subsequent legal proceedings.

The substantial costs and limited success of standard law enforcement techniques motivate our search for low-cost approaches to countering the threat posed by underground markets.In this section, we sketch two low-cost countermeasures based on principles in economics and natural limitations in the client identification capabilities of open underground markets. The first is a Sybil attack and the second is a slander attack. The goal of this preliminary exploration is to highlight open challenges and present initial approaches on how to tackle them.

I think this is a great idea.

Comments welcome.

The complete report can be found here in .pdf format.
[tags]cyber, criminals, report, credit, cards, scams, law, enforcement, [/tags]