I am in the UK this week for the InfoSec security show. Traveling internationally makes me ponder the issues of cross-border law enforcement on the Internet. Typically it’s been an informal process of collaboration to get phishing and botnet sites taken down by security companies and researchers. Law enforcement has unfortunately not kept up, as it usually relies on outdated international processes that can take months to coordinate a law enforcement action. By then, the criminals have often covered up their tracks.

Joe Stewart, esteemed director of malware research as SecureWorks has a better idea. He proposes a global Internet treaty whereby CERTs in each country would have the authority to enforce penalties for ISPs and others that allow malicious activities on their networks. He also proposes a global authority to coordinate among the regional CERTs.

If it’s limited to CERTs, then this can probably happen. However, getting law enforcement people to sign to such a treaty isn’t realistic in any defined timeframe. But, if the local CERTs can engage with their local law enforcement teams, on behalf of a CERT from another country, then perhaps that’s a model that can get local law enforcement engaged, as they would be acting on behalf of a local complainant.

It’s a very good idea.

This entry was posted

on Tuesday, April 28th, 2009 at 5:09 am and is filed under Law Enforcement, eCrime.
You can follow any responses to this entry through the RSS 2.0 feed.

You can leave a response, or trackback from your own site.