NEWS FROM THE LAB - Tuesday, January 27, 2009

Is it Time for Internetpol? Posted by Response @ 20:49 GMT

Our recent sinkhole research on Downadup has generated some debate in our Comments.

Some readers are asking why we don't take it upon ourselves to disinfect the worms that visit our sinkholes.

Toni has provided a good answer to that question.Interpol

Putting it briefly, we are not the law, and as a publicly traded company bound by laws, we simply cannot act as vigilantes.

Why? Well, a few of the infected IP addresses that we have logged are registered to an army (or two), a navy, and few governments. We are certain that unauthorized use will most definitely not be appreciated.

However, we do NOT sit idly by.

Each and every day we collect data from our analysis and forward it to relevant law enforcement authorities, ISPs, partners, various CERTs, et cetera.

They are the ones that have the legal authority to take action within their territories.

Still — it seems that people want a champion that can make big command decisions. Perhaps it would be a good time to bring up the idea of Internetpol again? Mikko briefly mentioned it on December 12th, it was the topic of his AVAR 2008 keynote. The idea was also mentioned in our third quarter security summary.

Do you want an organization with international legal authority to act against Internet threats?

You do? Then perhaps it's time for some kind of Internetpol…