Can cyber group takedowns last?
Episode description
Every now and then, international law enforcement announces a stunning takedown of a cyber crime group.
Typically realized in the form of website shutdowns, in which the National Crime Agency logo is emblazoned across the dark web site of would-be hackers, these are powerful PR moves to show that cyber crime doesn’t always pay – and the seriousness with which law enforcement approaches these crimes.
But the truth is, hackers continue to operate. And sometimes, the very groups that have been billed done and dusted simply reemerge under a new site, new servers, or with a fresh coat of paint.
What can we learn from this cycle – and does the industry need to take a different approach?
In this episode, Rory is once again joined by Ross Kelly, ITPro’s news and analysis editor, to explore some of the most prominent cyber crime gang takedowns we’ve had recently and what it means for the sector.
Read more:
- BlackSuit ransomware gang taken down in latest law enforcement sting – but members have already formed a new group
- Cobalt Strike abusers have been dealt a hammer blow: An "aggressive" takedown campaign by Fortra and Microsoft shuttered over 200 malicious domains – and it’s cut the misuse of the tool by 80%
- Hundreds of Cobalt Strike servers have been taken offline in a major law enforcement sting
- Ransomware victims are refusing to play ball with hackers – just 17% of enterprises have paid up so far in 2025, marking an all-time low
- Average ransom payment doubles in a single quarter
- 75% of UK business leaders are willing to risk criminal penalties to pay ransoms
- Can the UK ban ransomware payments?
- LockBit could be done and dusted after NCA operation gained access to admin environments, source code, and affiliate info
- LockBit ransomware group falls victim to hackers itself
- The Zservers takedown is another big win for law enforcement
- ‘I take pleasure in thinking I can rid society of at least some of them’: A cyber vigilante is dumping information on notorious ransomware criminals – and security experts say police will be keeping close tabs