Let me ask you this: What would you do when you have alerted
(via abuse@ contacts) a notable ISP in the U.S. (not a tier one,
and not just one of them) about KNOWN, VERIFIABLE, and RECURRING
criminal activity in their customer downstreams?
And the downstream(s) do not respond? And the criminal activity
continues?
The most obvious answer is: Gather evidence, contact law
enforcement.
Right?
I just wanted to reach out the NANOG on this and see what you
thought... How would you handle it?
Other than being provactively phrased, its often the same reason:
e.g. what about anti-virus vendors who turn a blind eye to criminal activity by poor detection to new/old viruses, what about law enforcement who turn a blind eye to criminal activity by poor response to new/old scams, what about software programmers who turn a blind eye to criminal activity by poor response to new/old bugs, what about banks who turn a blind eye to criminal activity by poor response to new/old reports of
fraud, etc.
Law enforcement, security vendors, abuse departments try to move as fast
as they can for as many cases as they can. Yes, there are some bad cops, bad security venders, bad abuse departments; but there are also a lot of
people who are trying to help as many people as possible.
The most obvious answer is: Gather evidence, contact law
enforcement.
Other than being provactively phrased, its often the same reason:
e.g. what about anti-virus vendors who turn a blind eye to criminal activity by poor detection to new/old viruses, what about law enforcement who turn a blind eye to criminal activity by poor response to new/old scams, what about software programmers who turn a blind eye to criminal activity by poor response to new/old bugs, what about banks who turn a blind eye to criminal activity by poor response to new/old reports of
fraud, etc.
Law enforcement, security vendors, abuse departments try to move as fast
as they can for as many cases as they can. Yes, there are some bad cops, bad security venders, bad abuse departments; but there are also a lot of
people who are trying to help as many people as possible.
For once, we are not talking about what good guys can do better, but about criminals.
Law enforcement, security vendors, abuse departments try to move as
fast as they can for as many cases as they can.
While this might be true in general, there are always specific
exceptions. ISPs are not immune to criminal activity from their
employees. Perhaps ferg is facing such a situation, and getting it
resolved is in our interest. We can't know.
We did exactly that with a similar incident and the local FBI Cyber Crimes folks told us that they couldn't help us because they were entirely dedicated to potential terrorist activities. So, I would say "contact local authorities and play it up as a terrorist act" if you want any help at all.
We did exactly that with a similar incident and the local FBI Cyber
Crimes folks told us that they couldn't help us because they were
entirely dedicated to potential terrorist activities. So, I would
say "contact local authorities and play it up as a terrorist act" if
you want any help at all.
Or, you can somehow work into your complaint about how you are just
trying to "protect the children".
Our local Cyber Crime agent, while stating something similar regarding
terrorism, also told us that in order for them to even begin to
investigate, the total damages would have to add up to $10K or more.
I'm not entirely sure how every type of perceived criminal activity
translates into such high monetary loss, but this is what we were told.
Earlier this year, we were instructed to submit information to the IC3:
I've not yet had the need to use this site, so I can't vouch for its
usefulness. I imagine that if Joe Consumer knows about this site, they
get a lot of the aforementioned crackpots filling out complaint forms.
Does anyone else happen to have experience with the IC3?