Monday, October 15, 2012

Turn the Tables


Thirty years of best practices and millions of dollars spent on defense and defense-in-depth have not made much of a dent in the fight against hackers. It is a never-ending battle: we get better, they get better. Since following through on punishment is difficult, if not impossible, once hackers are identified and found, because they are in another country, what recourse is left? Dmitri Alperovitch, co-founder and CTO of CrowdStrike, believes it is necessary to find out who is benefiting from the stolen information. If you pinpoint a state-owned oil company that is better able to compete in the marketplace because of the information it acquires, then you can sue it. Because many such companies are multinational in scope, you can pick a jurisdiction.

You can also use deception. If you know information is being stolen, plant phony data to derail their plot. If you can get a photo of the hacker and his identity, publicize it. If they are all over the media, it should cause concern for whoever is employing them. Make it more difficult, expensive and painful for them to work. Tom Kellermann, VP of cybersecurity at Trend Micro, says most hackers have known cyber kill chains that they are partial to, and they do not vary much. The more you can profile and understand how they move laterally within your system, which IPs and URLs they prefer, and where their command-and-control is located, the more uncomfortable and difficult you can make it for them.

Pressure can also be placed on the attackers' infrastructure suppliers, the ones that house their servers, and on the money-laundering channels that they use. Causing them damage in their own house, damage that they then need to control, puts them on the defensive.

http://www.darkreading.com/security/news/240008322/turning-tables-id-ing-the-hacker-behind-the-keyboard.html?
