McColo takedown: Internet vigilantism or online Neighborhood Watch?
Security researchers defend efforts to police Web against rogue ISPs, malware purveyors
Computerworld - Few tears were shed when McColo Corp., a San Jose-based ISP that allegedly hosted companies known to be prolific purveyors of spam and other malware, was suddenly taken offline last Tuesday by its upstream service providers.
The takedown in September of another company with a similar reputation — Intercage — also evoked little sympathy from an Internet community that clearly is fed up with the massive volumes of spam and other crimeware flowing across the Web.
What's remarkable about the McColo and Intercage shutdowns is that they weren't initiated by law enforcement officials or via court order. Nor did they happen because either company was forced into bankruptcy or had other financial problems. Instead, both companies were forced offline when their upstream ISPs, acting upon information provided by security researchers, simply disconnected them and their customers from the Internet.
Behind the scenes of the McColo and Intercage cases, a ferocious struggle is taking place between the purveyors of Web-based malware and loosely aligned but highly committed groups of security researchers who are out to neutralize them.
Those who support these self-appointed Net police — and many do — dismiss any suggestions that the researchers are acting as online vigilantes and instead liken their efforts to Neighborhood Watch programs designed to keep city streets safe. Backers claim that the effort to shut down miscreant ISPs is needed because of the inability of law enforcement agencies to deal with a problem that is global in nature, as well as a lack of applicable laws both domestically and internationally.
A few people, though, do question whether there is a hint of vigilantism behind the takedowns — even as they acknowledge that there may not be any other viable options for dealing with the problem at this point.
Soon after Intercage was forced offline, for instance, Earl Zmijewski, vice president and general manager at Internet monitoring company Renesys Corp., asked in a blog post why law enforcement officials hadn't been involved in the shutdown. "While I'm not a big fan of cyber-crime or the providers who knowingly host these activities, I can't help but wonder where law enforcement is in this story," Zmijewski wrote. "We still have laws, right?"
The shutdown of McColo prompted a similar reaction from Maxim Weinstein, manager of StopBadware.org, an anti-malware group that is spearheaded by Harvard University's Berkman Center for Internet & Society. In a blog post last week, Weinstein applauded the efforts that resulted in McColo being disconnected from the Internet. But he also expressed concern about innocent companies and individuals who might have been negatively affected by the move.
- Massive botnet returns from the dead, starts spamming
- Spam levels fluctuate as crooks try to revive botnets
- Spam is silenced, but where are the feds?
- Dodgy ISP McColo briefly comes online, updates botnet
- McColo shutdown forces botnets to relocate
- Hosting firm takedown bags 500,000 bots
- Spam plummets after Calif. hosting service shuttered
- McColo takedown: Internet vigilantism or online Neighborhood Watch?
- IT Blogwatch: McColo is McShut McDown
- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- 2013 Cyber Risk Report The "Cyber risk report 2013 Executive summary" presents the major findings of HP Security Research's comprehensive dive into today's cyber vulnerability and threat...
- Why You Need a Next-Generation Firewall This white paper explores the reasons for implementing next-generation (NG) firewalls and lays out a path to success for overburdened IT organizations.
- Logicalis eBook: SAP HANA: The Need for Speed Without timely business insights, organizations today can suffer logistical, manufacturing, and even financial disaster in a matter of minutes
- Neustar 2014 DDoS Attacks and Impact Report For the third consecutive year, Neustar surveyed hundreds of companies on distributed denial of service (DDoS) attacks. The survey reveals evidence that the...
- Top 4 Digital Signage Fails Join RMG Networks for a look at four of the most common reasons digital signage fails in corporate businesses. Learn about strategies to...
- Building Tomorrow's Infrastructure Listen to this podcast to discover how Crider Foods worked with PC Connection to update their IT infrastructure, while maintaining compliance and control. All Malware and Vulnerabilities White Papers | Webcasts