Botnet Expert Wants 'Special Ops' Security Teams

CWmike writes "Criminal cybergangs must be harried, hounded and hunted until they're driven out of business, a noted botnet researcher said as he prepared to pitch a new anti-malware strategy at the RSA Conference in SF. 'We need a new approach to fighting cybercrime,' said Joe Stewart, director of SecureWorks' counterthreat unit. 'What we're doing now is not making a significant dent.' He said teams of paid security researchers should set up like a police department's major crimes unit or a military special operations team, perhaps infiltrating the botnet group and employing a spectrum of disruptive tactics. Stewart cited last November's takedown of McColo as one success story. Another is the Conficker Working Group. 'Criminals are operating with the same risk-effort-reward model of legitimate businesses,' said Stewart. 'If we really want to dissuade them, we have to attack all three of those. Only then can we disrupt their business.'"

Finally!

[mc1138]

A bunch of fat, cheetos eating super hero's I can identify with!

Re:A more simple solution...

[guyminuslife]

We get Dick Cheney to run the computer security task force, give him no oversight and a redacted budget. Then tell him there's oil in the Internet.

I guarantee, all your regulatory problems will mysteriously vanish, just like all of the(*)#(*)@R_ *CARRIER LOST*

Re:A more simple solution...

[DriedClexler]

This still doesn't address drive by exploits, XSS, SQL injections,

True, but I think we could take care of the last one by prohibiting people from taking any legal name that includes the string "); Drop Table"

Re:McColo success story?

[cbiltcliffe]

True, but now we know the bad guys suck at backups, too....