Skip the navigation

McColo takedown: Internet vigilantism or online Neighborhood Watch?

Security researchers defend efforts to police Web against rogue ISPs, malware purveyors

November 17, 2008 12:00 PM ET

Computerworld - Few tears were shed when McColo Corp., a San Jose-based ISP that allegedly hosted companies known to be prolific purveyors of spam and other malware, was suddenly taken offline last Tuesday by its upstream service providers.

The takedown in September of another company with a similar reputation — Intercage — also evoked little sympathy from an Internet community that clearly is fed up with the massive volumes of spam and other crimeware flowing across the Web.

What's remarkable about the McColo and Intercage shutdowns is that they weren't initiated by law enforcement officials or via court order. Nor did they happen because either company was forced into bankruptcy or had other financial problems. Instead, both companies were forced offline when their upstream ISPs, acting upon information provided by security researchers, simply disconnected them and their customers from the Internet.

Behind the scenes of the McColo and Intercage cases, a ferocious struggle is taking place between the purveyors of Web-based malware and loosely aligned but highly committed groups of security researchers who are out to neutralize them.

Those who support these self-appointed Net police — and many do — dismiss any suggestions that the researchers are acting as online vigilantes and instead liken their efforts to Neighborhood Watch programs designed to keep city streets safe. Backers claim that the effort to shut down miscreant ISPs is needed because of the inability of law enforcement agencies to deal with a problem that is global in nature, as well as a lack of applicable laws both domestically and internationally.

A few people, though, do question whether there is a hint of vigilantism behind the takedowns — even as they acknowledge that there may not be any other viable options for dealing with the problem at this point.

Soon after Intercage was forced offline, for instance, Earl Zmijewski, vice president and general manager at Internet monitoring company Renesys Corp., asked in a blog post why law enforcement officials hadn't been involved in the shutdown. "While I'm not a big fan of cyber-crime or the providers who knowingly host these activities, I can't help but wonder where law enforcement is in this story," Zmijewski wrote. "We still have laws, right?"

The shutdown of McColo prompted a similar reaction from Maxim Weinstein, manager of StopBadware.org, an anti-malware group that is spearheaded by Harvard University's Berkman Center for Internet & Society. In a blog post last week, Weinstein applauded the efforts that resulted in McColo being disconnected from the Internet. But he also expressed concern about innocent companies and individuals who might have been negatively affected by the move.



Our Commenting Policies