[100020] in North American Network Operators' Group
Re: How to Handle ISPs Who Turn a Blind Eye to Criminal Activity?
daemon@ATHENA.MIT.EDU (Michael Smith)
Fri Oct 12 17:34:15 2007
In-Reply-To: <20071012.001848.11807.3@webmail03.vgs.untd.com>
Cc: nanog@nanog.org
From: Michael Smith <mksmith@adhost.com>
Date: Fri, 12 Oct 2007 14:26:25 -0700
To: Paul Ferguson <fergdawg@netzero.net>
Errors-To: owner-nanog@merit.edu
On Oct 12, 2007, at 7:18 AM, Paul Ferguson wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> This question is part reality, part surreality.
>
> Let me ask you this: What would you do when you have alerted
> (via abuse@ contacts) a notable ISP in the U.S. (not a tier one,
> and not just one of them) about KNOWN, VERIFIABLE, and RECURRING
> criminal activity in their customer downstreams?
>
> And the downstream(s) do not respond? And the criminal activity
> continues?
>
> The most obvious answer is: Gather evidence, contact law
> enforcement.
>
> Right?
>
> I just wanted to reach out the NANOG on this and see what you
> thought... How would you handle it?
>
> - - ferg
>
>
We did exactly that with a similar incident and the local FBI Cyber
Crimes folks told us that they couldn't help us because they were
entirely dedicated to potential terrorist activities. So, I would
say "contact local authorities and play it up as a terrorist act" if
you want any help at all.
Regards,
Mike
