[philthy]

I think you need to read up on cyber crime and cyber criminal groups. Your thesis is correct but only accounts for those who are not independent from the internet. A professional attacker wouldn't ever use the machine and network they were accessing the Internet from for anything else other then their attacks. No compromising search terms, emails, chats, page visits, internet billing, etc. I'm talking a machine totally devoid of personal information or anything that could potentially reveal the identity/location/details of the attacker. Now imagine this was scalable and you constantly were changing your point of access and machine. Actual cyber criminals (the ones cleaning out credit card companies, banks, high level blackmail, stolen secrets, etc, the shit you really only ever hear rumors about because it's too dangerous to leave executive circles at companies.) especially in Eastern Europe have access to an almost unlimited supply of cheap machines, false identities, "tunneled" networks and connections inside major established institutions and companies, and strict criminal group rules, make it almost impossible to identify anyone. Don't be naive this shit goes on everyday.