Hosting firm shutdown forces botnets to relocate

Criminals affected by plug-pulling already shifting operations, says researcher.

Ben Feinstein, director of operations for the counter threat unit of SecureWorks, a security company, echoed Ferguson. "In the short term, this may have a positive effect in reducing online crime, but in the medium- and long-term, they'll reorganize and move to other hosting providers."

The move won't even be that hard, said Feinstein. "The real pioneers of cloud computing were these criminal organizations," he argued. "One of the features of a lot of these botnets is that they can push out updates to the bots to point them toward new command-and-control servers. So while they may lose some bots, they will be able to reconstruct their botnets."

That doesn't mean this week's take-down was for naught.

"There are two important by-products of that [forced] redeployment," said Ferguson. "It increases the cost of doing business for them, and when they do move, we can observe and track them."

"It's definitely a positive take-away," said Feinstein. "This, and the Intercage take-down [in September] serve as examples that if you allow this kind of activity to run rampant on your network, or you're aiding and abetting criminals, there can be consequences."

Even then, however, Feinstein said there might be a dark lining to the cloud. "McColo's upstream providers were responsive in the end [to the evidence], but are you going to get that from other providers in other parts of the world? Unlikely. So big take-downs like this may get more difficult."

"I'm just taking solace in small victories," countered Ferguson. "What we have to try to do is raise the cost of doing business for these guys."
