Researcher wants hacker groups hounded mercilessly
Criminal cyber gangs must be harried, hounded and hunted until they're driven out of business, a noted botnet researcher said today as he prepared to pitch a new anti-malware strategy later this week at the RSA Conference in San Francisco.
"We need a new approach to fighting cybercrime," said Joe Stewart, the director of SecureWorks Inc.'s counter-threat unit. "What we're doing now is not making a significant dent."
Rather than pursue malware makers the old-fashioned way -- a tack Stewart argued is haphazard, at best -- he said that teams of paid security researchers should be created to stalk and disrupt specific criminal gangs or botnets. Set up like a police department's major crimes unit or a military special operations team, the researchers would take a long-term view, get to know their target, perhaps even infiltrate the group responsible for the botnet and employ a spectrum of disruptive tactics.
"Criminals are operating with the same risk-effort-reward model of legitimate businesses," said Stewart. "If we really want to dissuade them, we have to attack all three of those. Only then can we disrupt their business."
Researchers have had some success, said Stewart, who cited last November's takedown of McColo Corp., a hosting company that was harboring the command-and-control servers for several large botnets, as one example. The creation of the Conficker Working Group, a consortium of companies and organizations that has worked to keep that worm's makers from communicating with infected PCs, is another.
"McColo didn't take all the botnets out," said Stewart, who was instrumental in identifying the botnets controlled by McColo-hosted systems, "even though some, like Srizbi, suffered. But even though Srizbi didn't really come back, [its authors] are back up and running another bot. It's much less sophisticated, and just one-tenth the size, but they're back."






