ISOM310_Criminal activity on the InternetwithQuestions has

ISOM310_Criminal activity on the InternetwithQuestions has...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon
1 Unraveling Anonymous Internet Criminal Networks: Lessons from a Cyber Defense Team The Cyber Defenders September, 2010. The mood in the big barn in Vermont was solemn. Bob and Garth Bruen, the cyber defense team, sat at their desks, each lost in thought about the decision they needed to make. They had just won their first Herculean battle in the fight to unravel an Internet criminal network, but they were worried that the network would grow another of its ugly heads, just like the Hydra of Greek myth. Were they prepared to deal with additional security threats? Did they have what it would take to rid the Internet of its various criminal ventures? Could they afford to take more time away from their paid consulting to do this work pro bono? The silence was broken only by the humming of Bob’s computer servers. The men looked back at the long, complex path to the end of the current battle and forward to the next battle. What should be their next step? Bob and Garth’s Mission Bob Bruen had worked in computer security for years, managing systems and networks at MIT. MIT, like most large, prestigious institutions was frequently under cyber attack, and this gave Bob firsthand exposure to virtual criminals. In the early 2000s, Garth Bruen, Bob’s son, was working for the Commonwealth of Massachusetts and was frustrated with the inundation of spam his department was receiving. How many times could he receive the Nigerian Prince letter (known in the industry as Scam 419) without reacting? He decided to fight back against the spam
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
2 criminal networks using an old, underutilized approach, and Bob helped him get started. The method he used was simple: 1) Look in the spam email for the name of the spamming site; 2) Use the WHOIStool to check the owner of the site. (WHOIS was a program that asked a domain name to identify its owner and returned that identification to the person who sent the query). 3) Report any inaccurate information like a fake email, phone number or address by filing a complaint with ICANN (Internet Corporation for Assigned Names and Numbers). ICANN was an international not-for-profit partnership that coordinated the Internet’s domain name system (DNS) to help avoid confusion and ensure that each Internet participant had a unique identifier. 4) ICANN would in turn forward the complaint to the registrar of the site who was required by the contract with ICANN to get the registrant to fix the problem or their domain name would be suspended. Garth was successful in cutting his spam by99 percent. He was amazed to see the big difference that this simple change made and decided to start writing code to automate this process. In 2003, Garth launched a new organization to fight junk in earnest. Bob and Garth dreamed of a new world with no email junk, hence decided to name the new organization “KnujOn” by reversing the letters in the “ no junk” dream message( see ) . Garth led the initiative, and Bob built up the facility, wrote and presented papers at conferences, and handled the large amount of positive feedback and publicity they received. He often received invitations after a
Background image of page 2
Image of page 3
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 04/08/2011 for the course MKT 350 taught by Professor Hannah during the Spring '11 term at Suffolk.

Page1 / 13

ISOM310_Criminal activity on the InternetwithQuestions has...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online