Crime is still Crime!
Article from Network World: http://www.networkworld.com/news/2011/012011-retaliation-answer-cyber-attacks.html?hpg1=bn
This may come off as somewhat of a rant but.. Disclosure given in advance.
In this Handlers opinion there is no such thing as benevolent crime. Network world is running a piece that states "Is retaliation the answer to cyber attacks?" Pretty sure that I can speak for the handler team that if that was the answer we would be doing it. It might be a little bold to state that but I guarantee you that most of us have at least thought it occasionally.
Now after reading this article in depth it does make some significant arguments for and against but law is the law. We have common international law, regional law and local law. It seems that government and local law enforcement should be the responsible parties for "retaliation or investigation." If we are at a point of taking the law into our own hands then perhaps it is evident that pressure should be placed on local and regional government to take Cybercrime serious.
The article reminds me of a time in US History usually referred to as "The Old West" when law was sometimes conducted in what we here in the US of A call "Frontier Justice." There is probably reference to this in most cultural history and it seems that the Internet may still be in this phase of growth.
The Internet Storm Center is dedicated to understanding and defending against the threat and before heeding the advice of "Retaliate" remember that you may be breaking the law in your local region. In several SANS classes they teach "Get Written Permission from the owner of the network." We teach this for a reason.
So, to conclude, a quote from one of my favorite movies "You want that gun, pick it up. I wish you would." -- Rio Bravo, said by the late John Wayne as the character Chance. The concept that needs to be brought across is that things escalate, and you should weigh your decisions carefully as well as legal responsibilities.
Question to the Diary readers? What are your thoughts on the subject?
Richard Porter
--- ISC Handler on Duty
Updated:
A reader wrote in brought up a valid point about countries not will in to give up rights. I will concede to the fact that governments do not cooperate enough however do not feel that regional and local government need to give up their authority. In fact it could be argued that government and law enforcement need to cooperate even more on a global scale.
The reader also commented that malicious traffic coming into a certain country was disconnected at ingress/egress points and attacks drastically dropped. This is something that governments can do is control what comes and goes from their country and in my opinion, for better or worse, includes data streams.
Thanks for the long reply Simon! I it was a pleasure to read it this morning!
Comments
"... The Internet is a hostile network like the wild west without a sheriff!"
('Been there since site inception - 2000)
"... gov't... take Cybercrime serious."
I'm sure they do, but their resources are nowhere near any "balance of power" when compared to numbers like this:
- http://www.ic3.gov/media/2010/100312.aspx
March 12, 2010 - "... total loss linked to online fraud was $559.7 million..."
- http://www.eset.com/blog/2010/03/17/were-not-talking-peanuts-here
March 17, 2010 - "... these figures relate only to the USA. Multiply those amounts many times over to give you some idea of the size of the losses on a global basis ..."
.
PC.Tech
Jan 23rd 2011
1 decade ago
By: Jeffrey Carr
Publisher: O'Reilly Media, Inc.
discusses the international law aspects of when it is *POSSIBLY* acceptable for a *NATION* to retaliate in a cyber warfare situation. Retaliation by a non-nation i likely going to be considered a crime, and in certain situations could result in the target of the retaliation's nation justifiably launching military measures againt the nation harboring the retaliator; such measures are not necessarily limited to cyber actions!
Moriah
Jan 23rd 2011
1 decade ago
Calling up ISPs to report traceable attacks, and request they disconnect the customer originating the attack...
There are plenty of common perfectly legal ways to "retaliate"
Attack responders taking the law into their own hands is more often required than not. Law enforcement generally can't or won't respond effectively to such matters.
Obviously... there must be limits to any retaliation. Responding to an attack by launching a DoS is obviously bad; DoS is in effect an attack against innocent networks (generally).
Responding to attack by launching an intrusion attempt, makes the "retaliater" just as guilty as the original attacker, and the argument they were attacked first does not excuse anything.
If a baseball comes from your neighbor's yard, and smashes your window... you still go to jail if you run across the street and break down their front door with an axe for revenge.
Mysid
Jan 23rd 2011
1 decade ago
'Crime' is in the eye of the beholder, largely. Go look for California mining law, to see how land ownership was established in the 1840's in California. And how different that is from (say) land ownership in England now. Different again from France.
Forgive if you can. Do not wager more than you can afford to lose. Others may legitimately not share your business goals. Competition is good, is what drives progress.
On with IPv6 !!!
Chris
Jan 23rd 2011
1 decade ago
PrattleOnBoyo
Jan 23rd 2011
1 decade ago
I put DNS blacklist reporting, null the source tc. as an increase in you defensive posture in response to an attack/crime.
Counter-attack raises this to the crime level and that is were individuals need to be very careful.
And in response to Chris' playground analogy. If the bully in the schoolyard was taking your lunch money, you wouldn't have the option to go play with someone else. The Internet is not an optional part of peoples life anymore. It is integrated into just about every aspect of our life.
Roy
Jan 23rd 2011
1 decade ago
IOW, identifying the adversary and assessing how badly your retaliatory actions have hurt him/her are difficult issues independent of the question of criminality.
Another good resource is Cyberdeterrence and Cyberwar by Martin Libicki which delves into whether or not classical "deterrence" is even practical in the cyber-realm.
Ishmael
Jan 24th 2011
1 decade ago
w00ten
Jan 24th 2011
1 decade ago
A counterattack would also effect more than just the target.
Except in extreme circumstances both my be considered equally evil.
MHO
-Larry
Jan 25th 2011
1 decade ago
Roy
Jan 25th 2011
1 decade ago