Curbing the For-Profit Cybercrime Food Chain

msm1267 writes: A new report coauthored by Google researchers and a host of academics explains that firewalls, two-factor authentication and other traditional defensive capabilities put security teams in a constant dogfight against cybercrime. Instead, the focus, they says, should be on attacking the criminal infrastructure. The report outs a number of soft spots and inter-dependencies in the criminal underground that could be leveraged to cut into the efficacy of cybercrime. "Commoditization directly influences the kinds of business structures and labor agreements that drive recent cybercrime," the researchers write. While shutting down the black market is easier said than done, the paper notes a few ways to deter the behavior of attackers, if not fully break the chain.

Only three banks. Interesting

[raymorris]

The paper references an interesting conclusion from another paper:
-----
        Levchenko et al. found that only three banks were responsible for accepting payments for 95% of the spam URLs .
        Brand holders impacted by fraud and trademark
abuse can alert the credit card networks involved, resulting in
merchant banks severing relationships with known criminals.
McCoy et al. found that persistent brand holder intervention
from 2011â"2012 disrupted payment processing for criminals
for months at a time

----

Those three banks certainly would be good targets, to --persuade- them to stop providing payment processing to spammers. The only US bank on the list is Wells Fargo.