Header Ad
HomeCRIMEHacking the hackers- a paradigm shift in tackling cybercrime

Hacking the hackers- a paradigm shift in tackling cybercrime

- Advertisement -

Hacking the Hackers’ becomes a critical stratagem in a world where information is power. This phrase encapsulates the intricate dance of cyber warfare, where understanding the adversary – cyber criminals – is not just important, it’s indispensable. Hacking the hackers is a term used to describe the process of using hacking techniques to defend against hacking attacks. It is a proactive approach to cybersecurity that involves understanding how hackers think & operate and then using that knowledge to develop and implement security measures that can defeat their attacks.

Hacking as a Business

Malicious hackers can make money by stealing data, selling malware, or demanding ransom payments. However, it is essential to note that malicious hacking is a crime, and those who engage in it can be prosecuted and imprisoned.

Some of the ways by which malicious hackers make money are:

  • Stealing data: Malicious hackers can steal data from individuals and organizations and then sell it on the dark web. The value of stolen data can vary depending on the type of data and the sensitivity of the information.
  • Selling malware: Malicious hackers can develop and sell malware to other criminals. The same is used by criminals to disrupt operations and steal data.
  • Demanding ransom payments: Malicious hackers can encrypt a victim’s data and then demand a ransom payment in exchange for the decryption key. This is known as Ransomware. Ransomware attacks have become increasingly common in recent years and can be very costly for victims.

The amount of money that malicious hackers can make varies depending on the type of attack and the sophistication of the hacker.

- Advertisement -

Chinese Hacking group APT 41

APT 41, also known as Sundown and Barium, has been a Chinese hacking group since at least 2012. The group is believed to be affiliated with the Chinese government, and it has carried out malicious activities like Ransomware attacks and Phishing attacks and has graduated to sophisticated cyber-attacks including:

  • Supply chain attacks: APT 41 has targeted the supply chain of businesses. Hackers can access the business’s systems and data by hacking into a business’s suppliers.
  • Intellectual property theft: APT 41 has been known to steal intellectual property from businesses. APT 41 has been said to have stolen product designs, trade secrets and proprietary information.

APT 41 is a highly sophisticated hacking group that has been very successful in its attacks. The group has targeted many victims, including businesses, government agencies, and individuals. APT 41 is a severe threat to global security, and it is essential to be aware of the group’s activities and to take steps to ensure protection from its attacks.

Syndicated Hacking

Malicious hacking is fast becoming profitable since syndicated hacking has upped the game of hacking. Syndicated hacking is a type of cybercrime in which a group of hackers work together to carry out a coordinated attack on a target. The hackers in a syndicate may have different skills and expertise, but they pool their resources to achieve a common goal. Syndicated hacking can make them much more effective than individual hackers and make it more difficult for law enforcement to track them down.

Syndicated hacking attacks can have a devastating impact on victims. Ransomware attacks can cost businesses millions of dollars in lost productivity and data restoration costs. Phishing attacks can lead to identity theft and financial losses. And DDoS attacks can disrupt critical infrastructure and services.

- Advertisement -

RaaS: It stands for Ransomware as a Service. It is a type of cybercrime in which hackers develop Ransomware and then sell it to affiliates who can use it to launch attacks on their own. RaaS makes it much easier for anyone to launch a ransomware attack, even if they do not have the technical skills to develop their own Ransomware.

RaaS operators typically provide affiliates with a variety of tools and services, including:

  • The Ransomware itself.
  • A control panel that affiliates can use to manage their attacks.
  • Technical support.
  • A forum where affiliates can share information and tips.

Affiliates pay RaaS operators a fee for these services and typically share a percentage of the ransom payments with the RaaS operators.

RaaS has become increasingly popular in recent years and is now a significant threat to businesses and individuals. In 2021, ransomware attacks cost businesses an estimated $20 billion.

- Advertisement -

There are many reasons for the rise in RaaS attacks. First, RaaS platforms make it easy for even novice hackers to launch ransomware attacks. All they need is to purchase a RaaS subscription, and they can have access to all the tools and resources they need to carry out an attack.

Second, RaaS attacks are becoming increasingly profitable for cybercriminals. In 2022, ransomware gangs collectively made over $7 billion in ransom payments. This has led to an increase in the number of cybercriminals willing to launch RaaS attacks.

Third, RaaS attacks are becoming more targeted. In the past, ransomware gangs often launched indiscriminate attacks, hoping to hit a few large targets. However, ransomware gangs have become more sophisticated in recent years and target specific organizations, such as critical infrastructure companies or healthcare providers.

The rise in RaaS attacks is a serious threat to businesses of all sizes and has caused significant financial losses and damage to the reputation of companies. There have been many instances of RaaS attacks since 2022. Some of the most notable attacks include:

  • January 2022, the Colonial Pipeline ransomware attack caused a gasoline shortage in the United States. A Russia-based ransomware group, DarkSide, had carried out the attack.
  • March 2022, the JBS USA (a meat processing plant), ransomware attacks caused widespread meat shortages in the United States. The REvil ransomware group, which is also believed to be based in Russia, carried out the attack.
  • April 2022, the Kaseya VSA ransomware attack affected over 1,500 businesses worldwide. The REvil ransomware group carried out the attack.
  • May 2022, the IT company Quanta Computer was hit by a ransomware attack by the  BlackCat ransomware group which is a new and highly sophisticated RaaS group.
  • June 2022, the Brazilian meat processing company JBS was hit by a ransomware attack. The REvil ransomware group carried out the attack.

These are just a few of the many RaaS attacks since 2022. RaaS attacks are becoming increasingly common and sophisticated and constitute a serious threat to businesses of all sizes.

In addition to the attacks listed above, there have also been several high-profile RaaS attacks that have targeted critical infrastructure, such as hospitals, power plants, and water utilities. These attacks can cause widespread disruption and damage, highlighting the need for businesses to take preventive steps to protect themselves from ransomware attacks.

Hive: Hive is a ransomware-as-a-service (RaaS) group first observed in June 2021. The group is known for using double extortion, which involves encrypting the victim’s data and stealing a copy before demanding a ransom payment. The group threatens to publish the stolen data if the victim does not pay the ransom.

Hive is believed to be a Russian-speaking group and has targeted a wide range of victims, including businesses, government agencies, and individuals. The group has been particularly active in the healthcare sector and has been known to target hospitals and other healthcare providers.

Hacking the Hackers- Law Enforcement Efforts

Law enforcement agencies play a crucial role in the intricate labyrinth of cybercrime. The FBI, a forerunner in this domain, diligently endeavours to thwart the operations of significant ransomware groups such as Hive.

One striking initiative by the FBI includes disrupting Hive’s criminal operation. In January 2023, the FBI announced that it had disrupted Hive’s operations and seized the group’s servers. The FBI also obtained decryption keys for Hive’s Ransomware, which allowed victims to recover their data without paying the ransom.

Their strategy involved hacking into the Hive servers, seizing control, and effectively dismantling their infrastructure. A stark example is the seizure of their servers and digital keys. This halted their operations and provided valuable insights into their methods and tactics.

This act of intervention by law enforcement agencies underscores their proactive approach towards combating cybercriminals. These agencies work tirelessly to protect cyberspace from malicious entities through tenacious efforts and strategic initiatives.

However, the group remains active despite the FBI’s disruption of Hive’s operations. In March 2023, Hive was responsible for a ransomware attack on Costa Rica’s government that caused widespread disruption. Nevertheless, the initiative by the FBI to ‘Hack the hackers’ is a paradigm shift in the cybersecurity domain and should be hailed as such.

Hacking the hackers- a paradigm shift in tackling cybercrime and cyber-attacks on critical infrastructure by government cyber security agencies

Government cybersecurity agencies are increasingly adopting hacking hackers as a stratagem to tackle cybercrime and cyber-attacks on critical infrastructure. This is because ethical hackers (white hat hackers) can be used to identify and fix vulnerabilities that would otherwise be exploited by malicious hackers. There are several benefits to hacking hackers by government cybersecurity agencies:

Identifying and fixing vulnerabilities: White hat hackers can use their skills to identify and fix vulnerabilities in computer systems and networks. This can help to prevent malicious hackers from exploiting these vulnerabilities.

Raising awareness of cybersecurity risks: Ethical hackers can raise awareness of cybersecurity risks among employees and other stakeholders. This can help to prevent employees from making mistakes that could be exploited by malicious hackers.

Building trust and confidence: ‘Hacking the Hackers’ can help to enhance trust and confidence between government agencies and the public. This can help to protect critical infrastructure and prevent panic in the event of a cyberattack.

However, there are also some challenges associated with hacking the hackers by government cybersecurity agencies, some are given below:

Finding and hiring qualified ethical hackers: It can be difficult to find and hire qualified ethical hackers. These individuals typically have a strong understanding of cybersecurity risks and vulnerabilities. They also need to be able to work independently and follow strict ethical guidelines.

Cost: Implementing and maintaining a white hat hacking program can be expensive. This is because government agencies need to invest in tools, training, and infrastructure.

Risk of misuse: There is always the risk that ethical hackers could misuse their skills for malicious purposes. This is why it is important to have strict policies and procedures in place to govern white hat hacking programs.

Overall, ‘Hacking the Hackers’ can be a valuable tool for government cybersecurity agencies that are serious about improving their security posture.

Also Read: Autonomous weapons and the future wars

In addition to the benefits and challenges mentioned above, there are a few other things to consider when using ‘Hacking the Hackers’ as a stratagem to tackle cybercrime and cyber-attacks:

Legal implications: It is important to make sure that any white hat hacking activities are conducted in accordance with the law. This may involve obtaining warrants or other legal authorization before conducting certain types of tests.

Ethical implications: It must be ensured that any ethical hacking activities are conducted ethically. This means respecting the privacy of individuals and organizations and avoiding any activities that could cause harm.

By carefully considering the benefits, challenges, legal implications, and ethical implications of hacking the hackers, government cybersecurity agencies can make informed decisions about whether to adopt this approach to tackling cybercrime.


The journey through ‘Hacking the Hackers’ unveils a multi-faceted landscape. From the dark alleyways of cybercrime, exemplified by groups like APT 41 and Hive, to the formidable ransomware-as-a-service (RaaS) business model, an intricate web was traversed. Ransomware attacks underscore the potent impact cyber-attacks can have on organizations, not to mention the ripple effects on economies. The FBI has initiated a commendable effort by Hacking the Hackers and set an example to be emulated by cyber security arms of the various governments.

Staying informed and taking proactive measures is the best defence. The need for network security measures, ways to detect impending cyber-attacks, and pre-emptive actions are underscored as paramount in this digital era.

- Advertisement -
Rear Admiral Dr. S Kulshrestha (Retd)
Rear Admiral Dr. S Kulshrestha (Retd)
Former Director General of Naval Armament Inspection (DGNAI) at the Integrated Headquarters of Ministry of Defense (Navy) Rear Admiral Dr. S Kulshrestha was advisor to the Chief of the Naval Staff prior to his superannuation in 2011. An alumnus of the Defence Services Staff College Wellington, College of Naval Warfare, Mumbai, and the National Defence College (NDC), Delhi — Rear Admiral Kulshrestha holds two MPhil degrees in nanotechnology from Mumbai and Chennai Universities and Doctorate from ‘School of International Studies,’ JNU. He has authored a book “Negotiating Acquisition of Nanotechnology: The Indian Experience”.


Please enter your comment!
Please enter your name here

- Advertisment -

Most Popular