McColo takedown: Internet self policing or vigilantism
- — 02 December, 2008 09:01
Few tears were shed when McColo, a US-based company that allegedly hosted systems for prolific purveyors of spam, malware and child pornography, was suddenly taken offline by its upstream service providers on November 11.
The September takedown of another hosting firm with a similarly dodgy reputation -- Intercage -- also evoked little sympathy from an Internet community that clearly is fed up with the massive volumes of spam and crimeware flowing across the Web.
What's notable about the McColo and Intercage shutdowns is that they weren't initiated by law enforcement officials or the upstream ISPs themselves. Instead, the upstream providers disconnected the companies, and their customers, from the Internet based on information that was provided by security researchers.
The two cases are shining a spotlight on the ferocious struggle taking place between malware distributors and loosely aligned but highly committed groups of security researchers who are out to neutralize them.
Those who support these self-appointed Net police -- and many do -- liken their efforts to Neighborhood Watch programs designed to keep city streets safe. Backers claim that the effort to shut down miscreant ISPs is needed because of the inability of law enforcement agencies to deal with such a global problem, as well as a lack of applicable laws.
A few people, though, are questioning whether there is a hint of vigilantism behind the takedowns -- even as they acknowledge that there may not be any other viable options for dealing with the problem at this point.
Soon after Intercage was forced offline, for instance, Earl Zmijewski, vice president and general manager at Internet monitoring company Renesys, asked in a blog post why law enforcement officials hadn't been involved. "While I'm not a big fan of cybercrime or the providers who knowingly host these activities, I can't help but wonder where law enforcement is in this story," Zmijewski wrote. "We still have laws, right?"
Maxim Weinstein, manager of the anti-malware group StopBadware.org, had a similar the Internet's biggest botnets reaction to McColo's shutdown. In a November 13 blog post, Weinstein applauded the work done by security researchers. But he also voiced concern about innocent companies and individuals who might have been affected.
"What happened to those users," he wrote, "when their providers and their sites suddenly became unavailable?"