Re: Should the cybercrime reporting be obligatory for businesses?
From: Andrijani (treebirds@hotmail.com)Date: 03/26/02
- Next message: Andrijani: "Re: Should the cybercrime reporting be obligatory for businesses?"
- Previous message: David Bianco: "Re: Is there any text files out there on password crackers"
- In reply to: Walter Roberson: "Re: Should the cybercrime reporting be obligatory for businesses?"
- Next in thread: Bill Unruh: "Re: Should the cybercrime reporting be obligatory for businesses?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: treebirds@hotmail.com (Andrijani) Date: 26 Mar 2002 06:12:15 -0800
roberson@ibd.nrc.ca (Walter Roberson) wrote in message news:<a7nocm$g9f$1@canopus.cc.umanitoba.ca>...
> In article <d9b483d3.0203250341.32ba863f@posting.google.com>,
> Andrijani <treebirds@hotmail.com> wrote:
> : I would like to get some comments on the topic that I post here. I
> :would like to get some comments for the topic that I post here.
> : An article in the newspaper (The AGE, March 5, 2002) that I read,
> :Cybercrime a $3 trillion nightmare, raises the issue about the
> :necessary reporting of cybercrime through law enforcement. Is it
> :possible to make the reporting of cybercrime as mandatory for
> :companies?
> :My own view is that it is impossible in the current situation to make
> :organizations report cybercrime through law enforcement. The reasons
> :are:
>
Dear Walter,
Thanks for your comment
> You would need some good guidelines as to what constitutes 'cybercrime'
> for this purpose.
>
> - I get scanned by tens of thousands of Nimda probes a day. Does each
> different probe source constitute an "cybercrime" ?
Basically, I agree with you that although cybercrime can be classified
into hackers, terrorists, information merchants, etc, however there is
no detail standard in terms of reporting necessity. Which and what
level of cybercrime that needs to be reported should be defined by
law.
>
> - Many of the attacks are distributed these days. What you want to know
> is who triggered the attack -- but how are you going to determine that
> when the attacks are distributed?
The difficulty to identify a person (a hacker)over a network has
become a major issue. So what's the purpose of making the cybercrime
reporting mandatory, if the law cannot identify, arrest, and prosecute
the atackers?
>
> - Forged packets. Unless all the routers for most of the 'Net start
> recording the headers for pretty much *every* packet, or some major new
> Internet control mechanism is achieved, you end up running off
> investigating completely the wrong places.
>
> - Multiple jurisdictions. Legislation in the USA would have little
> effect if the attacker simply routes through another country. Unless,
> that is, one does what was being discussed late last year and expands
> Carnivore to log *all* connections originated or terminating anywhere
> in the USA, and then essentially runs hundreds of thousands of "fishing
> expeditions" per hour, comparing all the recorded connections to the
> alleged naughty connections.
>
> - Foreign recalcitrance. Who amongst us has *ever* gotten a response
> (even automated) to a report we've sent to China?
>
> - Don't be expecting an international cybercrime treaty any time soon.
> Look at the lesson of the international war crimes court treaty: the
> USA is refusing to sign the treaty unless the treaty blanketly exempts
> US citizens from its jurisdiction. (This is perhaps due in part to the
> serious efforts in some circles to have Henry Kissinger put on trial
> for war crimes.) DoS attacks et al. are to some extent, like it or not,
> forms of economic and military competition -- and the USA is always
> very reluctant to give up economic or military strategy that might give
> it an advantage.
>
> - At my workplace, we log every connection and attempted connection to
> our systems. It runs about 80 megabytes per day at present. Just
> writing good analysis programs is taking weeks of my time; with all my
> other work, I only have time to report the most blatant attacks. If I
> had to report every single ftp scan (say), then I would have to hire
> someone whose job it was just to run the analyses and send out the
> reports. If our site was an "attractive nuisance" [e.g., political
> site, site about abortion, porn site -- or was grc.com :) ] then the
> team we could have to hire just to file the mandatory reports could
> easily cost us more than our organizational profit.
Finally, the limitless of geographical area covered by cybercrime and
the unique law characteristics in every country makes reporting this
crime as a mandatory is difficult to be achieved.
- Next message: Andrijani: "Re: Should the cybercrime reporting be obligatory for businesses?"
- Previous message: David Bianco: "Re: Is there any text files out there on password crackers"
- In reply to: Walter Roberson: "Re: Should the cybercrime reporting be obligatory for businesses?"
- Next in thread: Bill Unruh: "Re: Should the cybercrime reporting be obligatory for businesses?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
