The International Cyber Cop Unit

coondoggie writes "A group of international cyber cops is ramping up plans to fight online crime across borders. The unit, known as the Strategic Alliance Cyber Crime Working Group, met this month in London and is made up of high-level online law enforcement representatives from the U.S., Australia, Canada, New Zealand, and the United Kingdom. One of the main goals of the group is to fight cyber crime in a common way by sharing intelligence, swapping tools and best practices, and strengthening and synchronizing their respective laws."

We should sic em on the MAFIAA

[Finallyjoined!!! (1158431)]

As they are patently criminal organizations. :-)

Re:

[webmaster404 (1148909)]

We should sic em on the MAFIAA

Chances are they are taking orders from the *AA. Only enforcing draconian laws like the DMCA and not doing any real work done, as most government agencies do, never stop the real criminals but stop the easy "crime" that everyone does.

Re:We should sic em on the MAFIAA

[Opportunist (166417)]

Duh. Which headline is the better PR?

"Millions spent, no communists/terrorists/badguyofthemonth caught"
or
"Sting busts ring of (insert random number) illegal filesharers".

When you run security like a profit center (i.e. compare money spent to criminals caught), which ones would you go for? The ones that are hard to catch but pose a threat, or the ones that are easy to catch even though 99% of the population don't care about their 'crime'?

PIGS IN CYBERSPACE!

[Jeremiah Cornelius (137)]

First against the wall, when the revolution comes.

Re:PIGS IN CYBERSPACE!

[PopeRatzo (965947)]

Way to advocate the murder of cops.

Excuse me, douchebag, but before you get all exercised about the notion of poor, noble boys in blue fighting crime on the mean streets of our cities, remember, these are "cybercops" we're talking about here.

They'll be the same ones who listen in on our phone calls and pressure ISPs to give up subscriber info. They'll be the same ones who monitor the surveillance cams and figure out ways to leverage your credit or medical records against you.

Calling them "cybercops" gives them too much credit. They're the toadies working for Big Brother.

And all the GP said was "first ones against the wall". He didn't say what happens next. That was your own imagination at work, son.

Re:PIGS IN CYBERSPACE!

[AlecC (512609)]

Just becasue they are cybercops does not mean that they are necessarily bad guys. Cybercops, like any kind of cops, are a necessary evil: laws must be enforced, so we need law enforcers. If people would do the right thing without enforcers, you wouldn't need a law to tell them to do so. (Or course, laws which cannot or should not be enforced should be repealed; see you local legislator about this, not the police.) The problem is not the existence of cops, not (within broad limits) their powers. It is the checks and balances that need to be in place to ensure that their powers are not exceeded and that they are used in pursit of the ends for which they were allocated.

I absolutely accept that there is a need for police to tap electronic communications at some times. But not at any time a single policeman, however senior, thinks that he would like to. It is not tapping that is bad, it is tapping without a warrant. The executive branch needs some oversight, which is usually provided by the judicial branch i.e. the policeman needs to get a warrant from a judge, whose appointment needs to be transparent enough to ensure that he is not in cahoots with the policeman.

So I think your knee-jerk response to the concept of cybercops is excessive, and damaging. I want them bugging Osama bin Laden's phone calls. I don't want them bugging my, or my neighbours (equally innocent of major crime, though probably mostly guilty of the odd misdemeanor) phones. And i want to know who, and how, it watching to see tha this is so. But I don't want the head in the sand attitud of "they are all evil". They won't go away, and you may make them evil becasue, since you assume they are evil, they have nothing to lose by being evil. Support your local cop *if* he can show he is squeaky clean.

Re:

[Jeremiah Cornelius (137)]

Voters can't find their US towns on the map. :-(

Another Cyber Control Group?

[PC and Sony Fanboy (1248258)]

Just what we need, another vigilante group patrolling the intertubes. As if the americans didn't have enough of these already.

Re:

[Brian Gordon (987471)]

That is what we need. What we don't need is a semi-legitimate government-sponsored group operating way out of their legal jurisdiction.

Re:Another Cyber Control Group?

[sasha328 (203458)]

Just what we need, another vigilante group patrolling the intertubes. As if the americans didn't have enough of these already.

Could you please elaborate on how you define the FBI, AFP, NZP, RCMP and the Scotland Yard as vigilantes?

It is really frustrating the kind of responses to this kind of story. I wonder what the slashdot troll would write when or if this agency manages to arrest a nasty spammer. My guess it'll probably be in the YRO section decrying the freedom to spam.

Nice name for a group

[Weaselmancer (533834)]

Strategic Alliance Cyber Crime Working Group. Sounds like a straight to DVD Jean-Claude van Damme movie.

Re:

[explosivejared (1186049)]

Well you see... no one ever expects the Strategic Alliance Cyber Crime Working Group!! Among their many weapons are a fanatical devotion to fighting cyber injustice and an acronym that rolls sweetly off the tongue...

You see where I'm going with this.

Re:

[Opportunist (166417)]

SACCWG rolls sweetly off your tongue? Do you speak a slavic language by any chance?

Re:Nice name for a group

[mrbluze (1034940)]

Strategic Alliance Cyber Crime Working Group.

SACCWG sounds really stupid if you try to pronounce the mnemonic. How is anyone gonna remember that?

What about "Universal Working Alliance Networking Cybercrime Knowledge", or something?

Re:Nice name for a group

[mrbluze (1034940)]

Incidentally, I suspect at the announcement of the aforementioned committe, a counter-committee is being secretly formed as we speak:

"Fellowship Undermining Cybercop Knowledge - You Obviously Understand"

Re:Nice name for a group

[TheLink (130905)]

Nah the first thing I thought of when I saw the countries participating was ECHELON.

I think they're probably going to scare the people to help justify spying and dubious stuff (like the spread of nasty policies to other countries).

I'm personally not afraid of all that malware, while there are lots of bots, there aren't that many hackers out there actually controlling those bots.

The fact that the cops have done little is mainly because it is not a priority. After all they could always follow the _money_. I am sure that some of the money trails will lead to their jurisdiction. Then you could also do stings.

I'm more afraid of the policies and laws that will result from this "cooperation", because they will probably try to infect other countries with the resulting mal-laws.

Yaaawwwn!

[domatic (1128127)]

Wake me up when they send in the Navy Seals to kill spambot herders.

"Cyber Cops"?

[webmaster404 (1148909)]

Do we really need more laws/people trying to "protect" us online? It has already been proven with laws like the DMCA that congress has no clue how the internet/modern technology works. And adding law enforcement is just an excuse to add more laws that do nothing but annoy us law abiding citizens. And also, if white hat hackers can't get the real criminals, there is no way that these "cyber cops" are going to be able too unless they say control a botnet. This just is more excuse to block "warez" and "piracy".

Re:

[Fear the Clam (230933)]

So long as they track and kill spammers in their 20% creative time it's cool with me.

Re:

[Opportunist (166417)]

You know, I just read that "piracy" as "privacy". Now I wonder what Freud would say about that...

Another unPolice.

[gnutoo (1154137)]

The US can't get the FBI, CIA and NSA to play nice with each other or the hundreds of state and local athorities. I'm supposed to believe that there will be real international cooperation? Yet another UN police force, what a joke.

I'd like to see bot hearders busted but I don't have any faith in this new super team to get it done. What we will probably see is this team putting pressure on other governments to support imaginary property. At it's worst, it will be used to track dissidents and limit free speech world wide, while criminals continue to do what they always have.

Re:

[webmaster404 (1148909)]

Honestly, unless these people have TONS of bandwidth (or tons of Linux install CDs) there's no way they can take down these botnets. All these people are going to do is try to stop "piracy" because that's all they probably can do, it doesn't take a genius to think that other botnet-overlords have already tried to take down rival ones with theirs and obviously failed.

Re:

[susano_otter (123650)]

Why is "tons of bandwidth" the critical resourc for taking down these botnets?

Re:

[webmaster404 (1148909)]

Why is "tons of bandwidth" the critical resourc for taking down these botnets?

Denial of service attacks or similar. Seeing as they probably won't be able to either be legaly threatened enough or hacked into it disables them for a bit.

Re:Another unPolice.

[99BottlesOfBeerInMyF (813746)]

Honestly, unless these people have TONS of bandwidth (or tons of Linux install CDs) there's no way they can take down these botnets.

I've sat in on talks from several different security researchers who infiltrated botnets and reverse engineered them. That doesn't take a lot of bandwidth. It takes a few honeypots, a decompiler, and and IRC client. They could also have issued a command to redirect the entire botnet to a new control channel under their control and from there disabled the botnet, even patching the vulnerability used to gain control in many cases. People don't do that, not because it isn't possible, or they need more bandwidth. They don't do it because of the legal liability. They have no authority to take control of other people's machines (even if someone else also has control). Worse in many cases, what if they try to patch it and the patch fails? Well, then the researcher is liable for any damage than ensues. No one wants to take that risk.

Stealing bots from other botnet herders is already common practice among crackers. It is perfectly possible for cops to steal them back, it just is a legal nightmare to do so, especially if you aren't even sure whose jurisdiction all those machines are in.

Re:

[99BottlesOfBeerInMyF (813746)]

I would love to hear more about these meetings you say you have been apart of, I am not challenging you per say, but more so the content of those meetings, if they could have interceded in those botnets, they would have already, sending to ISPS all the clients on the list with compromised machines, or emails to each owner of each machine...hell even take over the control until they find something to do with them, legally speaking.

"They" in this case refers to researchers at two different, private, network security firms, one of which was my employer at the time. They provide security devices and services to pretty much every tier 1 ISP in the world. They absolutely do create lists of infected host IPs, by traffic consumption, worm, etc. They can export the data as XML (among other formats) to automatically create mailing lists to notify users that they are infected. I don't know of any major ISPs, however, who actually took that s

Re:

[mrbluze (1034940)]

At it's worst, it will be used to track dissidents and limit free speech world wide, while criminals continue to do what they always have.

Maybe. Crime is difficult to fight. They aren't doing anything stupid by comparing methods but you're right that crime requires a determination by the police to be honest and genuine, otherwise it will back-fire. Oh and the crime fighters actually have to be intelligent/educated, which is often a major problem.

alphabet soup

[v1 (525388)]

"saccwg" doesn't exactly roll off the tongue. What happened to the awkward "searched the entire dictionary to put this together" acronym that tries to say what they do in a single word?

Re:alphabet soup

[webmaster404 (1148909)]

All the F/OSS projects already took them all.

Re:

[v1 (525388)]

ok time for me to dig around for my tinfoil hat. I was THINKING about your .sig when I made that post. you are a scary person.

Re:

[xstonedogx (814876)]

It doesn't quite fit, but my brain has already started parsing it as "Sacagawea".

Re:alphabet soup

[ScrewMaster (602015)]

Could just shorten it to "sack-wag" because of all the dicks that will be present.

Re:alphabet soup

[SeaFox (739806)]

"saccwg" doesn't exactly roll off the tongue.

It does for a wookiee.

You realize what they really mean

[tkrotchko (124118)]

This is going to end up as a copyright/RIAA/MPAA task force to fight the evil copyright pirates putting women and children out of work, right?

It's inevitable.

Re:

[Perseid (660451)]

I wish I could agree with you but I can't. History has shown that most governments care much more about piracy than they do child porn rings.

Re:

[Opportunist (166417)]

Duh. The mafiaa pays taxes, kids cost taxes. Which one do you think gets protection from governments?

UKUSA intelligence sharing to become stronger?

[Aaron England (681534)]

It is interesting to note that the countries named as part of this Strategic Alliance Cyber Crime Working Group, are also part of the UKUSA community [wikipedia.org]. This is significant because said community forms the alliance of nations that is responsible for ECHELON [wikipedia.org], a program that collects and analyzes signals intelligence from all over the globe.

I don't want new laws, but...

[j0nb0y (107699)]

I don't want new laws, but we have to realize that cyber crime is a global problem.

If law enforcement can't cooperate internationally, then law enforcement isn't going to be very effective against cyber crime.

On a different note, didn't we move past the whole "cyber" thing a long time ago? We should call it "Internet crime" or computer crime instead. "Cyber crime" is lame.

Re:I don't want new laws, but...

[Opportunist (166417)]

Computer crime is an international issue. Botnets, phishing and spam is an international problem, with the criminals sitting safely somewhere in countries that have other (read: real) problems than dealing with something like this. I mean, if you have thugs mugging people on the street in daylight, you have better things to worry about than someone sitting at home robbing people abroad.

And this won't change. Do you really think that developing countries are going to put a lot of effort and manpower behind trying to solve crimes abroad? At best, they don't care (for the reasons outlined above). At worst, they are quite happy about someone bringing in some desperately needed foreign money. If anything, they will budge under international pressure and put some token effort into it, some kind of show but no substance.

Are these ...

[PPH (736903)]

... the same netkops that get after everyone for misspellings and top posting?

Re:

[hack slash (1064002)]

Top posting?

"... the same netkops that get after everyone for misspellings and top posting?"

So where does the $67 billion go?

[LM741N (258038)]

67 billion dollars is a lot of money. Where the hell is it going? Is Uncle Scrooge on the loose filling his money bin? Its hard to imagine that much money just sitting somewhere and never being spent. I mean, that is the purpose of money- to spend.

International Cyber Unit

[CrazyJim1 (809850)]

Heh heh heh.

This might even be a good idea...

[david_bonn (259998)]

Y'know, I'm feeling I need to play devil's advocate here.

I'm not exactly trusting of the intentions of the fine people doing this, and I'm even less trusting of their ability to implement even good ideas. That's probably not fair but I'm pretty sure I'm not the only one who feels that way.

If you've ever tried to actually deal with law enforcement on a computer crime, you run into pretty wicked problems both of jurisdiction and technical competence. While the latter problem has improved somewhat in recent years, the former problem still exists (and is arguably worse, twenty years ago your trail wouldn't run cold in Moldova or Pakistan or Vietnam).

This means there is a real problem to be solved here. It also seems to me that the problem has technical, political, and legal aspects. That implies any solution is going to be ugly.

Having the Internet be a separate jurisdiction with its own courts and its own police makes more sense than the mess we have now.

24/7 chat room sit ins

[AHuxley (892839)]

They can pass off to others via a 2nd or 3rd person to provide 24/7 logs of a chat room.
Cute.

Haha!

[rindeee (530084)]

They're no match for the "the world's most formidable hacker posse" [wired.com]!!! Round 'em up ya'll! Oh bother, I'm so disenchanted with all this that I can't even make jokes any more. Just what we friggin' need, yet another l33t cyber-whatever group to keep us safe.

I'm trying to picture it...

[dave562 (969951)]

"Put down the zero day and come out with your hands up!"

"Drop the assembler and nobody gets hurt!"

"All of your bases are belong to us!!"

??????

Re:

[owlnation (858981)]

Let's see the United Kingdom, the United States, Australia, Canada, and New Zealand. Shouldn't we call it the Commonwealth Cyber Crime Working Group?

It's been a while since the United States was part of the Commonwealth. There was a tea party, remember? However, you could consider it an IngSoc Cyber Crime Working Group, or an Oceania one. That would be accurate on more than one level.

The only laws we really need relating to this are laws that protect us from our "protectors". Not likely to happen thou

Re:

[Opportunist (166417)]

The US have always been part of the Commonwealth. There never was a tea party. Everyone knows that.

Now please report to room 101 for readjustment.

Re:

[ThePeices (635180)]

We would, if the US was part of the commonwealth, which it is thankfully not.