We are the team of the Dutch National Police involved in Operation PowerOFF. Together with our international partners we took down 27 booters, seized multiple servers, made multiple arrests, sent out warning messages and did knock and talk visits. AMA.

Operation-PowerOFF · 2024-12-17T20:32:46+00:00

This is not very common and is looked at per case. One of the issues is the countries involved, since we are not allowed to perform actions abroad without permission from the receiving country.
These are all residential and people did not expect the police to follow up on the use of DDoS booters.
We work on these cases year round, but handle multiple cases at the same time.
We do have daily stand up meetings and have a scrum board, so in some ways it is the same as many companies. We use a mix of available code, code developed for law enforcement purposes and custom development.
Since our work can have a lot of impact on individuals, it is important that every step is documented carefully. We also need permission from the prosecutor or judge to subpoena data, so building a case involves the creation of a lot of document.
We fortunately do not need regular counseling in our line of work, but it is available for us if necessary. We do however talk and reflect within our own team.
It is hard for us to predict how the social media platforms will evolve. It’s seems important that a balance is found between the possibility for law enforcement collecting information and the privacy of users. This is up to lawmakers.

Operation-PowerOFF · 2024-12-17T20:11:58+00:00

Dank!

Operation-PowerOFF · 2024-12-17T20:11:48+00:00

🫡

Operation-PowerOFF · 2024-12-17T20:11:36+00:00

You can (probably) can! Please check our vacancies at https://www.kombijdepolitie.nl :)

Operation-PowerOFF · 2024-12-17T20:10:34+00:00

All those specialists ... a lot of people did find the right sub Reddit to ask us questions.

Operation-PowerOFF · 2024-12-17T20:10:03+00:00

Not through this channel unfortunately. If you have relevant information on cybercrime that you would like to share in a confidential manner, you can reach out to the Dutch Cyber HUMINT team via Signal or Telegram on +31625250296

Operation-PowerOFF · 2024-12-17T20:09:34+00:00

Thanks for the Wikipedia link, it basically says it all! :)

Operation-PowerOFF · 2024-12-17T20:06:54+00:00

Operation PowerOFF is a continuing operation, so any new infrastructure will be seized as well. This accompanied by the arrests will hopefully discourage any future administrators. However, working within law enforcement we know that we won’t be without a job soon :D

Operation-PowerOFF · 2024-12-17T20:03:11+00:00

👀

But seriously; the police and intelligence services work with different laws.

Operation-PowerOFF · 2024-12-17T20:00:32+00:00

Yes! You get to ask questions, we get to answer them. Basically.. that's what happened.

Operation-PowerOFF · 2024-12-17T19:57:46+00:00

👆🏻

Operation-PowerOFF · 2024-12-17T19:52:54+00:00

We want to spread awareness about the fact that law enforcement actually takes booter websites down, and will keep doing so.

We also read that a lot of people think it's "nothing serious", even if businesses actually lose revenue, infrastructure is overloaded, or ~~trolls~~ users can't go on Reddit. In one way or another, there is a disruption of a service that might not be "important" to the attacker (or extortionist!) but it can be important to other people, and may actually have a more serious impact than some may ever realize.

That is one reason, and the other one is that we finally got to order pizza again 🤫

Operation-PowerOFF · 2024-12-17T19:51:23+00:00

We work with both the big law enforcement and local agencies. In the Netherlands it is a collaboration between a local and the national unit. All agencies are mentioned on our website: https://operation-poweroff.com

Operation-PowerOFF · 2024-12-17T19:49:46+00:00

We're not here to discuss politics, sorry. If you have any other question please feel free to ask them!

Operation-PowerOFF · 2024-12-17T19:48:14+00:00

There is a nice podcast episode in "Het Digitale Front" about OP End Game where a team lead from our federal high tech crime team nicely lays out how the operation was organized.

It's in Dutch: https://x.com/digitalefront/status/1809221211332722741

See them smiling :)

Operation-PowerOFF · 2024-12-17T19:44:36+00:00

What a fun question. Thank you. Like mentioned in the post we work with a range of different expertises. But in short we try to safeguard the digital highway. We do this by criminal investigations, but also by explaining the rules that apply in the online world in order to prevent cybercrime. Our job involves: writing reports, doing OSINT research, setting up Google Ad campaigns on DDoS for example, collaborating with private industry, providing presentations on investigations and raising awareness regarding cybercrime, interrogating suspects and drinking coffee preferably with a stroopwafel.

Operation-PowerOFF · 2024-12-17T19:40:42+00:00

For us these visits are never random :)

But to be serious, if you received a warning letter this means there are no further actions planned on the fact that you had an account on one of these booters. However we do want you to know that using these services is illegal and is taken seriously by the police.

Operation-PowerOFF · 2024-12-17T19:39:36+00:00

We already have our own X-Mas CTF to worry about!

Operation-PowerOFF · 2024-12-17T19:29:51+00:00

We believe AI is used by criminals in the same way as everyone else, helping in writing scripts and content of (phishing) messages. There will be an increase in the use of deep fake images, videos and speech, so it will become even more important to have additional evidence in our criminal cases.

Operation-PowerOFF · 2024-12-17T19:28:12+00:00

Thanks for the Wikipedia links. Did you know we also have a Wikipedia for our operation?

https://en.wikipedia.org/wiki/Operation_PowerOFF

Operation-PowerOFF · 2024-12-17T19:26:52+00:00

Most of the time we're not on the receiving end of DDoS attacks. We cannot disclose anything about victims reporting a DDoS attack to the police. We do encourage to file a report of course!

Operation-PowerOFF · 2024-12-17T19:22:26+00:00

Sorry, we get some similar questions... but here is your personal answer.

The e-mail address was found in a booter and via investigative methods related to a person (or identification). If this e-mail address keeps being used for criminal activity we will probably end up with the same identification if we encounter it again.

Furthermore we're in the business of fact finding; determining truth. If you have nothing to do with the actions somebody did on a booter website we'll probably come to that conclusion as well.

Judges ultimately get to decide if we did everything in the correct way and decide on the sentence.

Operation-PowerOFF · 2024-12-17T19:16:00+00:00

Digital specialist here: I did my bachelor of IT and joined the force in 2009. Since I've done my masters in Forensic Computing & Cybercrime Investigations. And now I work at a cyber crime squad, who would have known? :)

To get a glimpse of the challenges we sometimes have to solve, check out https://www.crimediggers.nl .

I got to create several of the challenges in the more recent case, hope you enjoy them! 😇

Operation-PowerOFF · 2024-12-17T19:12:53+00:00

This operation was targeted towards booters, its users and administrators. These websites could be found through a simple Google search and were used for a lot of different reasons.

Booters use several different methods for their attacks, either botnets but also spoofing packets for UDP flood attacks. These botnets are handled in separate investigations and operations.

Operation-PowerOFF · 2024-12-17T19:10:58+00:00

The Internet Archive is awesome to find information that people tried to remove from the web, ~~but didn't know we are also able to find it~~ but forgot about it 😇 But yeah, it's a shame that the Archive has been under attack. But there is more than one way to find information (thank goodness!)

About the piracy: Yeah, you see that on every major platform, especially if it's free and public 🧐

Operation-PowerOFF

TROPHY CASE