The National Crime Agency has admitted that it runs fake hacker-tools websites in order to penetrate the cybercrime landscape. The Agency has decided to declassify one of its operations to demonstrate its commitment and effectiveness at disrupting cybercrime.
The site it declassified was a Distributed Denial of Service (DDoS)-for-hire site. The NCA changed the website's name and replaced it with a splash screen informing visitors that their data had been acquired and that law enforcement would be contacting them.
The UK's Computer Misuse Act of 1990 forbids DDoS attacks, which aim to overwhelm websites and take them offline.
"We will not reveal how many sites we have, or for how long they have been running. Going forward, people who wish to use these services can't be sure who is actually behind them, so why take the risk?"
Alan Merrett, National Cyber Crime Unit
Users may quickly create accounts and order DDoS assaults using DDoS-for-hire or "booter" services. Such assaults frequently delay people from using vital public services and have the ability to seriously disrupt important national infrastructure and enterprises.
All of the NCA-managed websites, which have so far been frequented by several thousand people, were made to appear as though they provide the equipment and services needed by online criminals to carry out these assaults.
However, when people register, their information is compiled by investigators rather than being provided access to cybercrime tools. The National Crime Agency or the police will get in touch with users residing in the UK to warn them against committing cybercrime. International law enforcement is receiving information on those who are based abroad.
