Saturday, March 28, 2009

'Act Locally, Pwn Globally'

Jeffrey Carr writes on SecurityFocus:

We need to change the game. We need an international effort to mandate verification of registration information for all Internet services and products. Even ICANN has been too lax in its verification procedures, according to a 2005 U.S. General Accountability Office study which found that eight percent of all domains had at least one instance of obviously false WHOIS information.

Moving up from ICANN, we need to hold large hosting companies responsible for criminal behavior on their leased sites. In other words, enforce their terms-of-service agreement. lists the top ten infected network blocks responsible for the world's badware. SoftLayer Technologies comes in at number seven with 3,507 infected sites, followed by The Planet, another Plano, TX company, at number eight with 3,166 infected sites.

Finally, we need a commitment from governments to provide no safe harbors for cyber criminals and cooperate in international investigations. One way to start the process would be to form a world body solely for the purpose of building the cooperative networks needed to initiate and complete international network forensic investigations.

More here.


Post a Comment

<< Home