Law enforcement agencies need to mount a coordinated effort to shut down the exploit developers and hosting sites powering organised crime, according to experts from the FBI, Europol and the UK's National Crime Agency (NCA).
The experts made the claim during a panel discussion at InfoSec 2015, when FBI assistant legal attaché Michael Driscoll listed taking down the "core group" of 200 black hats creating exploit kits as one of the biggest challenges facing law enforcement.
"We're looking to stop that marketplace of tools. There's a small group creating the core technologies that feed the criminal world," he said.
"The problem is they're easily bought on the criminal marketplace and distributed. I could go now and pick them up for $200. We're focusing our resources on taking out the people that do the most damage."
NCA Cyber Crime Unit deputy director Andy Archibald agreed, but added that law enforcement should equally focus on hampering the "bulletproof" hosting providers powering the criminals' infrastructure.
"It's a small number. The effort getting them has to be collaborative, pulling together and looking at the threat and what capabilities we need and who has them. Some will be in difficult jurisdictions. Here we'll have different tactics we'll need to develop," he said.
"[When] tackling organised crime there are a range of attributions you need to look at. We want the malware creators, but in a criminal business we're not just interested in the engineers building the programs. We're also interested in the bulletproof hosters facilitating them and the money mules."
Europol deputy director Wil van Gemert added that the exploit market is one of many problems facing law enforcement.
"There are three evolving topics. First, crime as a service where criminal entrepreneurs offer their services to organised crime," he said.
"Second, anonymisation and encryption gives us difficulties and in my mind it's unbalanced against law enforcement.
"Third, the evolution of darknets and hidden services. These are the threats that require international reactions and cooperation."
Law enforcement agencies' efforts to crack encryption and monitor darkweb services, which are also used legally by activists and dissidents in oppressive regimes, have been under scrutiny in recent months.
The UK government has announced plans to increase law enforcement powers, and is once again pushing through the controversial Snoopers' Charter.
The plans have met with hostility by many security professionals. PGP creator and Silent Circle chief Phil Zimmermann listed them as overly invasive, arguing that they will turn the UK into a police state.
Archibald moved to allay these concerns, claiming that the powers would be used only in very specific circumstances.
"Law enforcement doesn't want mass surveillance. It causes problems for us. We have to deal with the data and make sense of it. Encryption and the scale and scope of challenges present an issue. But we don't want mass surveillance," he said.
"We want to be able, if someone is engaged in serious criminality, to monitor them. I recognise this is an emotional topic and we need to engage with the public to assure them we can do this responsibly."
The NCA is one of many UK agencies moving to allay concerns about its surveillance activities.
Users are told that their non-existent 'iPhoneID' is expiring soon
Expansion of SDK intended to expand Amazon Alexa ecosystem
Locky returns from a prolonged rest with two new variants
AMD lambasted over Radeon RX Vega pricing that will add an extra £100 to RX Vega 56 and 64 graphics cards
Company accused of failing to tell anyone that the launch prices were only introductory offers