back to article DDoS script kiddies are also... actual kiddies, Europol arrests reveal

Law enforcement bods at Europol have arrested 34 users of Distributed Denial of Service (DDoS) cyber-attack tools and interviewed and cautioned 101 suspects in a global crackdown. Unsurprisingly, the users identified by Europol’s European Cybercrime Centre (EC3) were mainly young adults under the age of 20. The body worked …

  1. Anonymous Coward
    Anonymous Coward

    Prevention campaign

    So lets see, is it a cute animal on a poster or a powerpoint presentation?

    1. Doctor Syntax Silver badge

      Re: Prevention campaign

      I'd settle for well publicised convictions with sufficiently deterrent sentences.

      1. Adrian 4 Silver badge

        Re: Prevention campaign

        Hit them where it hurts. Confiscate their phones.

        1. moiety

          Re: Prevention campaign

          They're probably going to appeal to da yoof with a couple of pouting models using jargon that nobody under 30 has used for at least 5 years, if previous efforts are anything to go by. Yolo etc.

        2. macjules Silver badge

          Re: Prevention campaign

          Rubbish, 3 months with no PS4, must be in bed by 8pm and no milk and cookies should do the trick nicely.

        3. MNGrrrl

          Re: Prevention campaign

          > Hit them where it hurts. Confiscate their phones.

          Clearly you haven't spent much time around children. No, the way to really hit them hard is to login to their game and delete all the good kit they spent hours grinding to get, delete all their savegames, then hide behind the couch. As the slow horror of what you've done dawns on them, sneak up behind them and whisper "We saw your report card." Then slither away.

        4. Mark 85 Silver badge

          Re: Prevention campaign

          Hit them where it hurts. Confiscate their phones.

          And have the parents cut off their allowances. The kiddies are paying with this from money from somewhere....

      2. grizewald

        Re: Prevention campaign

        Yeah, let's ruin some young person's future by making an example of them.

        Yay! Vindictive justice at its best.

        Maybe you'd like to see their heads on pikes outside the tower of London?

        1. Doctor Syntax Silver badge

          Re: Prevention campaign

          "Vindictive justice at its best."

          Vindictive? What part of deterrent did you not understand?

          Every day the local paper reports the court appearances of habitual criminals who've been given lots of chances which amount to warnings, suspended sentences etc. so they see no real penalty for themselves or for their peers who are committing the same crimes with the same results. There's no deterrence. By the time they get their first custodial sentences their criminal careers are well established.

          A few real penalties, well publicised, might deter their peers and ultimately prevent more lives being ruined by being gradually sucked in.

          1. Cynic_999 Silver badge

            Re: Prevention campaign

            Every study that has been conducted shows that excessive sentences do not prevent crime. Fear of getting caught deters crime. If a criminal does not seriously believe they will be detected, it doesn't matter what sentence is imposed - in fact most 1st time criminals have no idea what sentence they would get if caught. What's most likely to stop you speeding - a heavier fine, or a lot more (hidden) speed cameras?

            1. Doctor Syntax Silver badge

              Re: Prevention campaign

              "Fear of getting caught deters crime."

              Back in the day I handled 2 cases involving the same individual who clearly had some prior form. The first one was a break-in. He accepted that he'd forced an entry but insisted that he didn't actually go inside the premises because at the last moment he realised that if he did it would be actual gaol this time round. The evidence, however, said he did enter. Whilst on remand, and putting off the case in order to get a more lenient judge IIRC he got involved in a gang rape. Whatever the sentence on his original break-in it would now be dwarfed. What his actual sentences were I don't know because I would usually give my evidence & then leave so I'd seldom hear the verdicts. But that was one lad who the leniency conveyor belt delivered right into serious crime and multi-year sentences.

              1. Robert Sneddon

                Criminals, not the sharpest SSD in the SAN.

                The one thing that stops people committing crimes is the fear of being caught. Tough sentences etc. have no real effect. The bad news is that habitual criminals don't think they'll be caught, even after they have been caught many times before. This time it's going to be different, they think. They're usually pretty stupid and have little impulse control. Drink and drugs don't help.

                https://www.youtube.com/watch?v=nvmYfcQB5HY

                There are a lot of court cases where someone does get caught early on, first-time offenders and they learn their lesson, grow out of it or give up and live a mostly crime-free life as upstanding members of the community, only evading taxes, speeding, drinking and driving, working off the books, taking backhanders etc. It's the 19-year-old with sixty-odd convictions for burglary and aggravated assault that makes the headlines but they are very much outliers.

          2. Vic

            Re: Prevention campaign

            A few real penalties, well publicised, might deter their peers

            History shows us that harsh penalties have almost no deterrent effect. What we need is effective detection if we wish to deter criminals.

            But that would mean chasing criminals rather than chasing targets...

            Vic.

        2. Stevie Silver badge

          Re: Heads on Pikes

          Yes, please.

        3. Commswonk Silver badge

          Re: Prevention campaign

          Yeah, let's ruin some young person's future by making an example of them.

          And your alternative is...? Given the disruption and costs that a DDoS attack can cause a simple "please don't do it again" is simply but wholly inappropriate.

          However the weak link in the chain is likely to be that the script kiddies are unlikely to use any of the news services where someone else's downfall is reported, and of course there remains the challenge of "I'm smarter than that so I won't get caught" mentality. IMHO there is no useful purpose to be served by going soft on offenders; it might make "you" feel better but as a service to the wider community it is self - defeating.

        4. WolfFan Silver badge

          Re: Prevention campaign

          Maybe you'd like to see their heads on pikes outside the tower of London?

          Nah. I'd rather have HM the Q release the hounds... err, corgis. The thought of a bunch of script kiddies being eaten alive by corgis appeals.

        5. Anonymous Coward
          Anonymous Coward

          Re: Prevention campaign

          Hardly ruining a life by locking up a young adult (ADULT being the key word) for a couple of years. Spent convictions won't even be disclosed to many employers who even undertake extensive background checks these days for fear of preventing employment.

          1. Cynic_999 Silver badge

            Re: Prevention campaign

            "

            Hardly ruining a life by locking up a young adult (ADULT being the key word) for a couple of years.

            "

            Prison changes a person's personality and entire outlook on life. Usually for the worse. Do you also argue that there are no lasting effects of being raped, because the body soon heals?

            Think back to Christmas 2014. Think of what you have done & learned between then and now. That's how long a "couple of years" is. More than enough time to become indoctrinated by the people you are locked up with. Enter slightly anti-social. Leas a psychopath. That'll make society better.

    2. JLV Silver badge
      Trollface

      Re: Prevention campaign

      >poster or a powerpoint?

      Nah, they can just use the aptly-named Bombastic Bob's ode to "real hackers". See below.

      Stanza it up as rap. That'll do the trick. Fer sure.

  2. noboard

    *sigh*

    "One of the key priorities of law enforcement should be to engage with these young people to prevent them from pursuing a criminal path, helping them understand how they can use their skills for a more constructive purpose.“

    What skills? They're only paying to access the software.

    1. Anonymous Coward
      Anonymous Coward

      Re: *sigh*

      > What skills? They're only paying to access the software.

      Totally this.

      Now what about taking steps to limit the spread of botnets? Can we punish people from blindly opening email attachments yet? If not, why not? If they don't have money for fines we can do stocks and fund it all from the veg and ticket sales.

      1. WolfFan Silver badge

        Re: *sigh*

        Can we punish people from blindly opening email attachments yet?

        No.

        If not, why not?

        Because it would be monumentally stupid.

        Example: I have, sitting in the junk folder for the email address I use here on El Reg, several emails containing probable botnet lures. Some of those have very obviously fake subjectlines or fromlines or both. Several have quite realistic subjectlines or fromlines or both. However, as I have given this address out to zero decimal zero zero zero business contacts, I know that all of them, no matter how well crafted, are fakes. That would include the one from 'Apple iTunes' addressed to 'Mr. Wolf', and inviting me to click on a hotlink saying 'Apple iTunes Match invoice' but which actually links, when hovered over with a mouse, to some site ending in a .ru TLD. It may or may not actually be Russian, I don't know and don't care, as I'm not actually clicking on the thing. Yes, I have iTunes Match. No, I don't use this address as a contact for it. And when Apple does send me an invoice, they send it to the correct address, using the name that's on my credit card. And they have my correct account number. And they never, ever, ask me to 'click here'. Now, I can see where those who don't know how Apple (or whoever) operates, or who simply were in a hurry and weren't paying full attention, might click there. That might be careless, but does not rise to the level of fines or stints in the stocks.

        1. Doctor Syntax Silver badge

          Re: *sigh*

          "Because it would be monumentally stupid."

          Indeed. But it would be a good idea to punish businesses who persist in training their customers to do just that.

          Only a few days ago yet another spam arrived from my bank warning customers about how not to get caught by frauds. At least it purports to be from the bank. It's actually from a marketing spamming company. It has several links on which customers are invited to click. At least this time they've improved things so that the links are to a server in the bank's domain. Further examination shows that in fact the links actually resolve to a server controlled by the marketing spamming company. The only things that indicate that the bank is actually behind it is that it was addressed to an email alias that was only given to the bank and that the bank employs idiots a marketing department.

        2. Jack of Shadows Silver badge

          Re: *sigh*

          I've the same setup here, specialized addresses. I don't even bother with looking at the outliers, just block delete.

  3. Inventor of the Marmite Laser Silver badge

    Back in September

    Europol's acting head of strategy for cybercrime whinged to The Register that the Europe will “certainly cut themselves off from the full intelligence picture” by marginalising the UK through yet another fit of Europique.

    TFTFY

    1. Prst. V.Jeltz Silver badge

      Re: Back in September

      "“certainly be cut off from the full intelligence picture”

      Well fuck you too then europe. I'd love to still be friends , and do trades , and visits at the weekend and shit , but if you think because we've exited the common market you have to run away crying , throwing your tows out , taking your ball home , and cutting off your nose to spite your face by vandalising mutually beneficial important criminal information systems then fuck you.

      1. ZSn

        Re: Back in September

        How difficult is that to understand. Once you've left the EU, you've left the EU. If you're expecting to stay a member of the institutions of the EU then don't leave. You remind me of most of the Brexiters I'm met - deluded.

      2. Richard 26

        Re: Back in September

        It's really strange to see Brexiters posting about how much they love EU organizations and how unfair it is that they will no longer be members.

      3. Loyal Commenter Silver badge

        Re: Back in September

        if you think because we've exited the common market you have to run away crying

        A couple of things I feel I have to correct you on here:

        Firstly, we've not actually left the EU (yet), despite all the bullshit and bluster, and secondly, when we do 'leave', it won't necessarily involve leaving the common market, because:

        a) Most people don't want that (they still want to be able to buy EU goods without tariffs and import duty on them)

        b) It would be a fucking stupid thing to do - not so much economic suicide as a full-on economic murder-suicide where the analogy would be taking out your entire family before blowing up the house with yourself in it.

        If you think leaving the EU won't involve leaving all the institutions of the EU (such as Europol), then you're like the crazy ex-partner who dumps you then keeps turning up to eat the food in your fridge, take a bath in your house and use your internet. In this eventuality, I'd fully expect the institutions of the EU to do the metaphorical equivalent of getting a restraining order and changing the locks to keep you out.

        1. Prst. V.Jeltz Silver badge

          Re: Back in September

          Look i just think a criminal intelligence database might as well be open to other countries - whats the point having a guestlist?

          I'm not asking for funding for a new airport.

  4. This post has been deleted by its author

  5. Loyal Commenter Silver badge

    "Cut off from the full intelligence picture"

    I've not yet heard a better description of the fanatical 'brexit' loonies.

    1. Loyal Commenter Silver badge
      Trollface

      Re: "Cut off from the full intelligence picture"

      Hehe, touched a nerve

  6. bombastic bob Silver badge
    FAIL

    S'kiddies and their lack of basic knowledge/skills

    Yeah, it does NOT surprise me in the least that S'kiddies are behind the DDoS'ing, NOR does it surprise me that they're BUYING "other people's knowledge" to do it.

    A *REAL* hacker doesn't need to purchase a DDoS'ing "service". But a S'kiddie *DOES*.

    S'kiddies are LAZY, uneducated, self-important "look at me now" spoiled little *BRATS*, who would be protesting the 1% or engaging in PRIMAL SCREAM demonstrations [poor widdle snowflakes] if they weren't USING! MOM! AND! DAD'S! MONEY to purchase a DDoS service from a bunch of clowns that set up a botnet using malware for that specific purpose.

    They invoke techniques that they do not understand, using other people's tools, and call themselves "elite" for doing it.

    A *REAL* hacker knows that the discipline and [self] education needed to attain that skill level on your own should _NOT_ be wasted in such a manner. So *REAL* hackers design complex systems, or really cool IoT devices, or work in I.T. and security, where the basic knowledge and skills gained from hard work and study pay off the most.

    These black-hat wannabe S'kiddie types are just irritating. And it looks like they left a nice fat bread-crumb trail for the cops to locate them, too. Typical.

    My advice: install Linux or BSD, learn to compile a custom kernel (and modify it to do cool things), and hack your own computers. Submit patches when you find vulnerabilities. Get a REAL job that pays you to do _that_ level of skillful intelligent work. It's a LOT more rewarding.

    1. Mike 16 Silver badge

      Re: S'kiddies and their lack of basic knowledge/skills

      Yeah, kids today. They just grab Daddy's shotgun out of the cabinet when they want to raise havoc. Why, in _my_ day we knew how to make a proper Zip-Gun, and how to talk that annoying prat down the street into doing the first test firing.

  7. Destroy All Monsters Silver badge
    Alien

    The old republic gone it is. Today, only drones and villainous scum, there is.

    "One of the key priorities of law enforcement should be to engage with these young people to prevent them from pursuing a criminal path, helping them understand how they can use their skills for a more constructive purpose.“

    But they don't have any....

  8. NanoMeter

    The photo illustrate well

    my idea of what script kiddies looks like.

  9. TAJW

    It's interesting to watch all the bluster and posturing from both sides on Brexit.

    When we over the colonies left the Brits, we did it simply and with class. We just had a big Tea Party in Boston Harbor.

    :)

    1. Destroy All Monsters Silver badge

      Later there was some shooting though.

    2. Anonymous Coward
      Anonymous Coward

      Yeah

      And look where it got you.

  10. Maty

    Tried and true works best

    "Well my team and I really concerned ourselves fundamentally with a statistical analysis as a whole; in tandem with and related to a psycho-chemical and broadly speaking a behavioral analysis of over a thousand individuals."

    "We've come to the inevitable conclusion that the one course of action that the authorities must take is to cut off their goolies."

  11. David Roberts Silver badge

    Lack of self awareness

    Kids poke sticks in wasp nests for shit and giggles and dares.

    If maturity ever arrives they remember that shit and giggles hurts.

    So not surprising that it is the young who are tempted to buy DDoS services to see what happens. Serious talking to first time. Serious punishment second time.

  12. Gordon Pryra

    Today’s generation is closer to technology than ever before.

    No, just young enough to be stupid enough to think they wont get caught.

    Add stupid enough to take things way to personally in a game/forum and its a disaster waiting to happen.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019