Slashdot Mirror

← Back to Stories (view on slashdot.org)

The International Cyber Cop Unit

Posted by samzenpus on from the cool-job-title dept.

coondoggie writes "A group of international cyber cops is ramping up plans to fight online crime across borders. The unit, known as the Strategic Alliance Cyber Crime Working Group, met this month in London and is made up of high-level online law enforcement representatives from the U.S., Australia, Canada, New Zealand, and the United Kingdom. One of the main goals of the group is to fight cyber crime in a common way by sharing intelligence, swapping tools and best practices, and strengthening and synchronizing their respective laws."

32 of 127 comments (clear)

  1. We should sic em on the MAFIAA by Finallyjoined!!! · · Score: 2, Informative

    As they are patently criminal organizations. :-)

    --
    If I had an Ass, I'd call it Fanny Bottom, then I could slap my Ass; Fanny Bottom, on the Arse.
    1. Re:We should sic em on the MAFIAA by Opportunist · · Score: 3, Insightful

      Duh. Which headline is the better PR?

      "Millions spent, no communists/terrorists/badguyofthemonth caught"
      or
      "Sting busts ring of (insert random number) illegal filesharers".

      When you run security like a profit center (i.e. compare money spent to criminals caught), which ones would you go for? The ones that are hard to catch but pose a threat, or the ones that are easy to catch even though 99% of the population don't care about their 'crime'?

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  2. Another Cyber Control Group? by PC+and+Sony+Fanboy · · Score: 2, Insightful

    Just what we need, another vigilante group patrolling the intertubes. As if the americans didn't have enough of these already.

    1. Re:Another Cyber Control Group? by Brian+Gordon · · Score: 2, Insightful

      That is what we need. What we don't need is a semi-legitimate government-sponsored group operating way out of their legal jurisdiction.

    2. Re:Another Cyber Control Group? by sasha328 · · Score: 4, Insightful

      Just what we need, another vigilante group patrolling the intertubes. As if the americans didn't have enough of these already. Could you please elaborate on how you define the FBI, AFP, NZP, RCMP and the Scotland Yard as vigilantes?

      It is really frustrating the kind of responses to this kind of story. I wonder what the slashdot troll would write when or if this agency manages to arrest a nasty spammer. My guess it'll probably be in the YRO section decrying the freedom to spam.
  3. Nice name for a group by Weaselmancer · · Score: 5, Funny

    Strategic Alliance Cyber Crime Working Group. Sounds like a straight to DVD Jean-Claude van Damme movie.

    --
    Weaselmancer
    rediculous.
    1. Re:Nice name for a group by mrbluze · · Score: 3, Funny

      Strategic Alliance Cyber Crime Working Group.

      SACCWG sounds really stupid if you try to pronounce the mnemonic. How is anyone gonna remember that?

      What about "Universal Working Alliance Networking Cybercrime Knowledge", or something?

      --
      Do it yourself, because no one else will do it yourself. [beta blockade 10-17 Feb]
    2. Re:Nice name for a group by mrbluze · · Score: 4, Funny

      Incidentally, I suspect at the announcement of the aforementioned committe, a counter-committee is being secretly formed as we speak:

      "Fellowship Undermining Cybercop Knowledge - You Obviously Understand"

      --
      Do it yourself, because no one else will do it yourself. [beta blockade 10-17 Feb]
    3. Re:Nice name for a group by Opportunist · · Score: 2, Funny

      SACCWG rolls sweetly off your tongue? Do you speak a slavic language by any chance?

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    4. Re:Nice name for a group by TheLink · · Score: 4, Insightful

      Nah the first thing I thought of when I saw the countries participating was ECHELON.

      I think they're probably going to scare the people to help justify spying and dubious stuff (like the spread of nasty policies to other countries).

      I'm personally not afraid of all that malware, while there are lots of bots, there aren't that many hackers out there actually controlling those bots.

      The fact that the cops have done little is mainly because it is not a priority. After all they could always follow the _money_. I am sure that some of the money trails will lead to their jurisdiction. Then you could also do stings.

      I'm more afraid of the policies and laws that will result from this "cooperation", because they will probably try to infect other countries with the resulting mal-laws.

      --
  4. Yaaawwwn! by domatic · · Score: 3, Funny

    Wake me up when they send in the Navy Seals to kill spambot herders.

  5. "Cyber Cops"? by webmaster404 · · Score: 5, Insightful

    Do we really need more laws/people trying to "protect" us online? It has already been proven with laws like the DMCA that congress has no clue how the internet/modern technology works. And adding law enforcement is just an excuse to add more laws that do nothing but annoy us law abiding citizens. And also, if white hat hackers can't get the real criminals, there is no way that these "cyber cops" are going to be able too unless they say control a botnet. This just is more excuse to block "warez" and "piracy".

    --
    There is no "disagree" moderation, and troll, flamebait and overrated are not valid substitutes
    1. Re:"Cyber Cops"? by Fear+the+Clam · · Score: 2, Funny

      So long as they track and kill spammers in their 20% creative time it's cool with me.

    2. Re:"Cyber Cops"? by Opportunist · · Score: 2, Funny

      You know, I just read that "piracy" as "privacy". Now I wonder what Freud would say about that...

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  6. Another unPolice. by gnutoo · · Score: 4, Insightful

    The US can't get the FBI, CIA and NSA to play nice with each other or the hundreds of state and local athorities. I'm supposed to believe that there will be real international cooperation? Yet another UN police force, what a joke.

    I'd like to see bot hearders busted but I don't have any faith in this new super team to get it done. What we will probably see is this team putting pressure on other governments to support imaginary property. At it's worst, it will be used to track dissidents and limit free speech world wide, while criminals continue to do what they always have.

    1. Re:Another unPolice. by 99BottlesOfBeerInMyF · · Score: 5, Insightful

      Honestly, unless these people have TONS of bandwidth (or tons of Linux install CDs) there's no way they can take down these botnets.

      I've sat in on talks from several different security researchers who infiltrated botnets and reverse engineered them. That doesn't take a lot of bandwidth. It takes a few honeypots, a decompiler, and and IRC client. They could also have issued a command to redirect the entire botnet to a new control channel under their control and from there disabled the botnet, even patching the vulnerability used to gain control in many cases. People don't do that, not because it isn't possible, or they need more bandwidth. They don't do it because of the legal liability. They have no authority to take control of other people's machines (even if someone else also has control). Worse in many cases, what if they try to patch it and the patch fails? Well, then the researcher is liable for any damage than ensues. No one wants to take that risk.

      Stealing bots from other botnet herders is already common practice among crackers. It is perfectly possible for cops to steal them back, it just is a legal nightmare to do so, especially if you aren't even sure whose jurisdiction all those machines are in.

    2. Re:Another unPolice. by 99BottlesOfBeerInMyF · · Score: 2, Interesting

      I would love to hear more about these meetings you say you have been apart of, I am not challenging you per say, but more so the content of those meetings, if they could have interceded in those botnets, they would have already, sending to ISPS all the clients on the list with compromised machines, or emails to each owner of each machine...hell even take over the control until they find something to do with them, legally speaking.

      "They" in this case refers to researchers at two different, private, network security firms, one of which was my employer at the time. They provide security devices and services to pretty much every tier 1 ISP in the world. They absolutely do create lists of infected host IPs, by traffic consumption, worm, etc. They can export the data as XML (among other formats) to automatically create mailing lists to notify users that they are infected. I don't know of any major ISPs, however, who actually took that step because they had little or no financial interest in so doing.

      The security researchers had no authority to install software on any of the bots and doing so (while it might have helped a little bit) would have opened them and the company up to legal liabilities. For the most part, the researchers did not even report the bots to the authorities, except in one case where it was being used to try to DDoS a block of IP space in Sweden, in the wake of the international incident involving published images of allah. In that particular incident it was "botnet for rent" setup where malicious users were renting time controlling a botnet and the user took multiple tries to get the right commands and ended up attacking a random chunk of cable modems on a rather ineffective port. After they finished the research project, they did report that one to the Swedish authorities. The bots themselves were scattered across Europe and the US for the most part. I don't know what sort of legal background you have, but the researchers and our company's legal council claimed we had no authority to switch the control channel and takover the bots, or to try to patch security holes on those machines.

  7. Re:alphabet soup by webmaster404 · · Score: 4, Funny

    All the F/OSS projects already took them all.

    --
    There is no "disagree" moderation, and troll, flamebait and overrated are not valid substitutes
  8. You realize what they really mean by tkrotchko · · Score: 5, Interesting

    This is going to end up as a copyright/RIAA/MPAA task force to fight the evil copyright pirates putting women and children out of work, right?

    It's inevitable.

    --
    You were mistaken. Which is odd, since memory shouldn't be a problem for you
  9. Re:alphabet soup by ScrewMaster · · Score: 3, Funny

    Could just shorten it to "sack-wag" because of all the dicks that will be present.

    --
    The higher the technology, the sharper that two-edged sword.
  10. UKUSA intelligence sharing to become stronger? by Aaron+England · · Score: 5, Informative

    It is interesting to note that the countries named as part of this Strategic Alliance Cyber Crime Working Group, are also part of the UKUSA community. This is significant because said community forms the alliance of nations that is responsible for ECHELON, a program that collects and analyzes signals intelligence from all over the globe.

  11. Re:alphabet soup by SeaFox · · Score: 3, Funny

    "saccwg" doesn't exactly roll off the tongue.

    It does for a wookiee.
  12. So where does the $67 billion go? by LM741N · · Score: 4, Interesting

    67 billion dollars is a lot of money. Where the hell is it going? Is Uncle Scrooge on the loose filling his money bin? Its hard to imagine that much money just sitting somewhere and never being spent. I mean, that is the purpose of money- to spend.

  13. Re:Shouldn't it be the CCCWG by ThePeices · · Score: 2, Funny

    We would, if the US was part of the commonwealth, which it is thankfully not.

  14. International Cyber Unit by CrazyJim1 · · Score: 2, Funny

    Heh heh heh.

    --
    God spoke to me.
  15. Re:I don't want new laws, but... by Opportunist · · Score: 3, Interesting

    Computer crime is an international issue. Botnets, phishing and spam is an international problem, with the criminals sitting safely somewhere in countries that have other (read: real) problems than dealing with something like this. I mean, if you have thugs mugging people on the street in daylight, you have better things to worry about than someone sitting at home robbing people abroad.

    And this won't change. Do you really think that developing countries are going to put a lot of effort and manpower behind trying to solve crimes abroad? At best, they don't care (for the reasons outlined above). At worst, they are quite happy about someone bringing in some desperately needed foreign money. If anything, they will budge under international pressure and put some token effort into it, some kind of show but no substance.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  16. This might even be a good idea... by david_bonn · · Score: 5, Interesting

    Y'know, I'm feeling I need to play devil's advocate here.

    I'm not exactly trusting of the intentions of the fine people doing this, and I'm even less trusting of their ability to implement even good ideas. That's probably not fair but I'm pretty sure I'm not the only one who feels that way.

    If you've ever tried to actually deal with law enforcement on a computer crime, you run into pretty wicked problems both of jurisdiction and technical competence. While the latter problem has improved somewhat in recent years, the former problem still exists (and is arguably worse, twenty years ago your trail wouldn't run cold in Moldova or Pakistan or Vietnam).

    This means there is a real problem to be solved here. It also seems to me that the problem has technical, political, and legal aspects. That implies any solution is going to be ugly.

    Having the Internet be a separate jurisdiction with its own courts and its own police makes more sense than the mess we have now.

  17. PIGS IN CYBERSPACE! by Jeremiah+Cornelius · · Score: 3, Insightful

    First against the wall, when the revolution comes.

    --
    "Flyin' in just a sweet place,
    Never been known to fail..."
    1. Re:PIGS IN CYBERSPACE! by PopeRatzo · · Score: 4, Insightful

      Way to advocate the murder of cops.
      Excuse me, douchebag, but before you get all exercised about the notion of poor, noble boys in blue fighting crime on the mean streets of our cities, remember, these are "cybercops" we're talking about here.

      They'll be the same ones who listen in on our phone calls and pressure ISPs to give up subscriber info. They'll be the same ones who monitor the surveillance cams and figure out ways to leverage your credit or medical records against you.

      Calling them "cybercops" gives them too much credit. They're the toadies working for Big Brother.

      And all the GP said was "first ones against the wall". He didn't say what happens next. That was your own imagination at work, son.
      --
      You are welcome on my lawn.
    2. Re:PIGS IN CYBERSPACE! by AlecC · · Score: 3, Insightful

      Just becasue they are cybercops does not mean that they are necessarily bad guys. Cybercops, like any kind of cops, are a necessary evil: laws must be enforced, so we need law enforcers. If people would do the right thing without enforcers, you wouldn't need a law to tell them to do so. (Or course, laws which cannot or should not be enforced should be repealed; see you local legislator about this, not the police.) The problem is not the existence of cops, not (within broad limits) their powers. It is the checks and balances that need to be in place to ensure that their powers are not exceeded and that they are used in pursit of the ends for which they were allocated.

      I absolutely accept that there is a need for police to tap electronic communications at some times. But not at any time a single policeman, however senior, thinks that he would like to. It is not tapping that is bad, it is tapping without a warrant. The executive branch needs some oversight, which is usually provided by the judicial branch i.e. the policeman needs to get a warrant from a judge, whose appointment needs to be transparent enough to ensure that he is not in cahoots with the policeman.

      So I think your knee-jerk response to the concept of cybercops is excessive, and damaging. I want them bugging Osama bin Laden's phone calls. I don't want them bugging my, or my neighbours (equally innocent of major crime, though probably mostly guilty of the odd misdemeanor) phones. And i want to know who, and how, it watching to see tha this is so. But I don't want the head in the sand attitud of "they are all evil". They won't go away, and you may make them evil becasue, since you assume they are evil, they have nothing to lose by being evil. Support your local cop *if* he can show he is squeaky clean.

      --
      Consciousness is an illusion caused by an excess of self consciousness.
    3. Re:PIGS IN CYBERSPACE! by Jeremiah+Cornelius · · Score: 2, Funny

      Voters can't find their US towns on the map. :-(

      --
      "Flyin' in just a sweet place,
      Never been known to fail..."
  18. I'm trying to picture it... by dave562 · · Score: 4, Funny
    "Put down the zero day and come out with your hands up!"

    "Drop the assembler and nobody gets hurt!"

    "All of your bases are belong to us!!"

    ??????