Want 'perfect' security? Then threat data must be shared

[InfoSec News <alerts () infosecnews org>]

http://www.infoworld.com/t/cyber-crime/want-perfect-security-then-threat-data-must-be-shared-242383

By Roger A. Grimes
InfoWorld
2014-05-13

Here's a surprise for you: We actually have a fairly good understanding of 
who is attacking us on the Internet and why. Various entities know not 
only which groups are doing the attacking, but also the names of the 
people in those groups. They know where they live, who their family 
members are, where they went to school, and when they go on vacation.

A great example of this is the Russian Business Network crimeware group. 
With a little searching, you can find a decade of evidence trails, 
pictures of the leader, and even business relationships. Want to see who's 
sending all that spam? Then check this link out [1]. Want to know who is 
doing most of the industrial espionage? Then read this report [2]. They 
even give you the hacker's physical address.

When I tell friends about this, especially after their computer has been 
thoroughly compromised, they ask the obvious: Why aren't these criminals 
in jail?

The answer is pretty easy. For the most part, these criminals work across 
international boarders, so there are issues of legal jurisdiction -- and 
their home countries often can't or don't want to stop them. Even if we 
have all the evidence in the world, we can't just invade a country and 
arrest its citizens. Yes, many countries do have treaties that support 
extradition, but most countries don't. Not surprisingly, the countries 
with the most prolific hacking cultures don't, which why most of the 
world's malicious hackers live in them.

[...]



--
Subscribe to InfoSec News
http://www.infosecnews.org/subscribe-to-infosec-news/