Internet security sites are buzzing with the latest success of self-policing. As reported by Brian Krebs in his blog on the Washington Post site, San Jose based web hosting service McColo has been cut loose from the internet by its providers. According to various security experts, perhaps 75% of daily spam & scam email globally was knocked offline, at least temporarily, as it either originated from McColo or was otherwise controlled from there. I find this whole situation quite fascinating.
For nearly a decade now, it has been obvious that law enforcement just isn’t up to the task of keeping pace with organized internet crime. Internet security experts would track something down, tell the FBI or whomever, then wait 6 months while they put together a task force or subcommittee or something – assuming they do anything at all since they are underfunded and understaffed. Meanwhile the bad guys just shift tactics and remain untouched.
Network operators began to ask why should anyone wait for law enforcement and do nothing? Just throw the bums out! And that’s what has started this internet vigilante movement. Security gurus assemble the evidence (generally it’s an open secret rather than a whodunit) and then present it to the network providers, who just unplug the bad guys for violating their terms of service. In this particular case, it was Global Crossing and Hurricane Electric which apparently did the unplugging when provided with the evidence on McColo. In September and October it was webhost Atrivo that had its links severed one by one until they finally shut down. There was a time when people thought internet backbones and hosting providers would always look the other way, after all if these guys pay their bills and drive lots of bits then why interfere? Those days seem to be over, perhaps the internet has grown up. Of course, it’s still a game of Whack-A-Mole, but it’s a game that drives up the costs for the perpetrators.
There are those who say this is a bad precedent, that we should let law enforcement do its job and that interfering is bad. No, this is just the neighborhood watch at work, and working well. After all, nobody’s getting lynched, the locals are just reporting crack houses and getting them evicted on code violations. If the police ever show up, they’re welcome to help.
If you haven't already, please take our Reader Survey! Just 3 questions to help us better understand who is reading Telecom Ramblings so we can serve you better!Categories: Internet Traffic