Slashdot Mirror

← Back to Stories (view on slashdot.org)

The International Cyber Cop Unit

Posted by samzenpus on from the cool-job-title dept.

coondoggie writes "A group of international cyber cops is ramping up plans to fight online crime across borders. The unit, known as the Strategic Alliance Cyber Crime Working Group, met this month in London and is made up of high-level online law enforcement representatives from the U.S., Australia, Canada, New Zealand, and the United Kingdom. One of the main goals of the group is to fight cyber crime in a common way by sharing intelligence, swapping tools and best practices, and strengthening and synchronizing their respective laws."

5 of 127 comments (clear)

  1. You realize what they really mean by tkrotchko · · Score: 5, Interesting

    This is going to end up as a copyright/RIAA/MPAA task force to fight the evil copyright pirates putting women and children out of work, right?

    It's inevitable.

    --
    You were mistaken. Which is odd, since memory shouldn't be a problem for you
  2. So where does the $67 billion go? by LM741N · · Score: 4, Interesting

    67 billion dollars is a lot of money. Where the hell is it going? Is Uncle Scrooge on the loose filling his money bin? Its hard to imagine that much money just sitting somewhere and never being spent. I mean, that is the purpose of money- to spend.

  3. Re:I don't want new laws, but... by Opportunist · · Score: 3, Interesting

    Computer crime is an international issue. Botnets, phishing and spam is an international problem, with the criminals sitting safely somewhere in countries that have other (read: real) problems than dealing with something like this. I mean, if you have thugs mugging people on the street in daylight, you have better things to worry about than someone sitting at home robbing people abroad.

    And this won't change. Do you really think that developing countries are going to put a lot of effort and manpower behind trying to solve crimes abroad? At best, they don't care (for the reasons outlined above). At worst, they are quite happy about someone bringing in some desperately needed foreign money. If anything, they will budge under international pressure and put some token effort into it, some kind of show but no substance.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  4. This might even be a good idea... by david_bonn · · Score: 5, Interesting

    Y'know, I'm feeling I need to play devil's advocate here.

    I'm not exactly trusting of the intentions of the fine people doing this, and I'm even less trusting of their ability to implement even good ideas. That's probably not fair but I'm pretty sure I'm not the only one who feels that way.

    If you've ever tried to actually deal with law enforcement on a computer crime, you run into pretty wicked problems both of jurisdiction and technical competence. While the latter problem has improved somewhat in recent years, the former problem still exists (and is arguably worse, twenty years ago your trail wouldn't run cold in Moldova or Pakistan or Vietnam).

    This means there is a real problem to be solved here. It also seems to me that the problem has technical, political, and legal aspects. That implies any solution is going to be ugly.

    Having the Internet be a separate jurisdiction with its own courts and its own police makes more sense than the mess we have now.

  5. Re:Another unPolice. by 99BottlesOfBeerInMyF · · Score: 2, Interesting

    I would love to hear more about these meetings you say you have been apart of, I am not challenging you per say, but more so the content of those meetings, if they could have interceded in those botnets, they would have already, sending to ISPS all the clients on the list with compromised machines, or emails to each owner of each machine...hell even take over the control until they find something to do with them, legally speaking.

    "They" in this case refers to researchers at two different, private, network security firms, one of which was my employer at the time. They provide security devices and services to pretty much every tier 1 ISP in the world. They absolutely do create lists of infected host IPs, by traffic consumption, worm, etc. They can export the data as XML (among other formats) to automatically create mailing lists to notify users that they are infected. I don't know of any major ISPs, however, who actually took that step because they had little or no financial interest in so doing.

    The security researchers had no authority to install software on any of the bots and doing so (while it might have helped a little bit) would have opened them and the company up to legal liabilities. For the most part, the researchers did not even report the bots to the authorities, except in one case where it was being used to try to DDoS a block of IP space in Sweden, in the wake of the international incident involving published images of allah. In that particular incident it was "botnet for rent" setup where malicious users were renting time controlling a botnet and the user took multiple tries to get the right commands and ended up attacking a random chunk of cable modems on a rather ineffective port. After they finished the research project, they did report that one to the Swedish authorities. The bots themselves were scattered across Europe and the US for the most part. I don't know what sort of legal background you have, but the researchers and our company's legal council claimed we had no authority to switch the control channel and takover the bots, or to try to patch security holes on those machines.