Don’t be dumb, keep schtumm!

This quote, “The sweep was part of a civil suit brought by Microsoft in its increasingly aggressive campaign to take the lead in combating such crimes, rather than waiting for law enforcement agencies to act”, from this article is what motivated me to tweet: “Opening civil proceedings ‘without waiting for law enforcement’, against 39 John Does and citing their online handles is a very dumb idea.”
The security industry and research organisations should work with law enforcement, not against it. All 39 of the online handles mentioned in the court submission (covered in my blog yesterday) are now fully aware that they are under active investigation and have the chance to “disappear”, probably to resurface elsewhere and carry on business as usual.
It is disturbingly similar to how the identities of the Koobface gang were exposed without waiting for due legal process, even though the intelligence behind this “exposé” was mostly generated in an industry group working with law enforcement towards an eventual prosecution. Once the information is published without waiting for due legal process, the criminals have a chance to go to ground.
Again in the Microsoft civil suit example, there is a reliance on information that was shared within working groups. The normal model is to collaborate across industry and come up with a shared result in terms of law enforcement. Marketing actions like this very much break that model.
The successful dismantling of the Esthost botnet with the arrest of the criminals involved is a true model of how the security industry and law enforcement can and should work together to better secure the internet and internet users. That investigation was 6 years in the making and led to the arrest of an entire crime ring and the dismantling of their infrastructure.
Long-term law enforcement success should not be sacrificed on the altar of marketing initiatives.

