Once an attacker has targeted any member of a collaborative platform, command-and-control servers are easily identified by their IP addresses throughout the network. This means that attackers can no longer benefit from the isolation of their targets; they must use a new IP for each attack that they launch. Instead of being able to launch thousands of attacks from a single IP, they have to pay the cost of acquiring a number of IPs that is proportional to the number of attacks they wish to mount.
Additionally, an attacker’s tools and tactics become much less effective when defenders collaborate to protect themselves from the attacker. A “Neighborhood Watch” for the Internet makes sense from an economic perspective as well as from an operational one.