Making Intelligence Actionable: Part 2
Last Updated: 2008-10-30 16:53:40 UTC
by Kevin Liston (Version: 1)
In addition to making malware and vulnerability intelligence actionable for the system administrator, there is also the problem of making intelligence actionable to victims and law enforcement. >
There are three different players in this scenario: the researcher, the victim, and the law enforcer.
This is nice and simple, right? Except that there are limitations in how these three players are allowed to communicate and cooperate. Researchers can only talk to law enforcers on a “intelligence only” basis. Law enforcers can’t build cases without victims. Victims don’t always know that they’re victims or that their case, when added to others’ can actually have an impact.
There are a few forums that attempt to link these three groups. They still need some development.
If you’re a home-user or small business, consider reporting to the Internet Crime Complaint Center (http://www.ic3.gov.) If you are a larger organization consider joining one of these information-sharing forums.