Tuesday, March 9, 2010

The Microsoft Cyber Army & the Judicial Power to Declare War, Part II

I've obtained a copy of the temporary restraining order that Microsoft obtained to shut down the Waledac botnet (which I reported on earlier here). The temporary restraining order is viewable here. If there has been no further legal action, the temporary restraining order expired yesterday. I am working on obtaining access to the court file to confirm whether or not Microsoft has gotten an extension to the order or if there have been any changes, but the court file is behind the PACER paywall, so I am trying to be careful not to incur large costs (currently I have no monetary sponsorships for the blog, nor advertising, so this is all coming out of my own pocket).

What is interesting about the above cited temporary restraining order is that it does not seem to actually do very much. News reports appear to have been exaggerated regarding Microsoft's actual actions (likely as a result of Microsoft's own self-praising blog post regarding the action). Unless the order has been subsequently modified, the order does not appear to give Microsoft any actual authority to do anything against these botnets. Most of the order simply enjoins the defendants from continuing to operate the botnets. The only action actually adverse to the defendants is an order to the domain host, Verisign, to lock the domains used by the botnets to prevent the defendants from deleting evidence or moving the domains to other hosts. This is a far cry from news reports championing Microsoft's action to take down the botnets. Within the next few days, I hope to have confirmation from the court regarding whether this was the final order, and whether an extension has been granted.

Monday, March 8, 2010

The Cyberwar Begins?

I don't have much time to comment on this now, but I just ran across this article discussing a recent upsurge in Chinese cyber-attacks targeting intelligence materials of other nations. NATO and the EU are particularly concerned, and likely primary targets. Take a look at the article; hopefully I'll get a chance later to digest it more fully.

Tuesday, March 2, 2010

Busting Butterflies: Mariposa Botnet Taken Down

Spanish authorities, with the help of private cyber security companies, have identified and arrested three individuals, whose online names are "jonyloleante," aged 30, "netkairo," 31, and "ostiator," 25. The three were identified as the ring-leaders of a massive botnet known as "mariposa." The network was started in 2008 and infected nearly 13 million computers. Over half the Fortune 1000 companies were infiltrated by the botnet, including over 40 major banks. The botnet was present in nearly 200 countries. Criminals purportedly used the botnet to steal identities, generate spam, and attack online targets. The individuals face up to six years in prison if convicted.

See the full AP article here.

Friday, February 26, 2010

The Microsoft Cyber Army & the Judicial Power to Declare War

This past Monday, an Alexandria, Virginia Federal court granted a request from Microsoft to allow Microsoft to take down tens of thousands of internet addresses that the company claims are linked to harmful hacking activities and botnets, specifically the Waledac botnet. Microsoft claimed the IP addresses listed in the request are involved in spam, virus propagation, and DDoS attacks (distributed denial of service, an activity aimed at taking a server down by overloading it with countless computer requests).

The legal action allowing this order appears to be against numerous "John Doe" defendants. Since these parties haven't been identified, the action is proceeding more like an in rem action than an in personam action, or a proceeding against a thing instead of a person. Microsoft is basically suing the numerous computers that have been infected with the malicious code that allowed them to be wielded by hackers. Thus, there is no legal representation for the tens of thousands of computers that Microsoft has just been authorized to attack. Likely, numerous innocent non-hacker individuals are going to have their computers shut down by Microsoft hackers due to the infection that they have on their computer, potentially requiring hours of repair efforts per computer to remedy.

To add to the mysteriousness of this action, the order has been issued under seal to allow Microsoft to begin its attack without giving the hackers advance warning of what will be attacked. Considering the non-adversarial nature of the issuance of this order, and the fact that it was issued in secret, this order would appear more similar to a search warrant issued to police by a judge without any representation for the defendant. But even the police aren't usually given the power to attack the resources of innocent bystanders. The amount of power conferred by this order rises nearly to the level of the Congressional power to grant letters of marque and reprisal to privateers (a.k.a. pirates). Article 1 Section 8 Clause 11 of the United States Constitution (the same clause empowering Congress to declare war) gives Congress the authority to extend rights to privateers to attack and pillage enemies of the US (used during the Revolutionary War days to encourage pirates to attack British boats). However, here a single judge authorized the act, instead of the two thirds of the House and Senate that would be required to grant letters of marque!

Hopefully the order will soon be unsealed for a more detailed inspection, and possibly even challenged, because this decision has the potential to greatly increase the judicial power to grant cyber-warfare powers to corporations and individuals.

Here is the link to Microsoft's complaint.

Thursday, February 25, 2010

Anti-Trust Issues: Google and Toyota Probed

Amid all of the other issues Google has been facing lately (security intrusions, Buzz complaints, censorship concerns, and the Italian criminal conviction), yet another has surfaced. European antitrust regulators are responding to complaints made by Google's European search rivals. They claim that Google's algorithms are downgrading their internet importance. Google fired back on its blog that it returns more relevant results than competitors, and, in effect, that is why they are mad and trying to cause Google trouble.

The commission in charge now must decide whether to open up a formal investigation. If they do, they will likely ask Google to reveal some of its top-secret search algorithms, leading to a potential standoff of epic proportions.

Simultaneously, US Federal authorities made raids on suppliers that have close ties to Toyota. They are likewise working to coordinate these efforts with the European antitrust commission to identify potential anti-competitive activities perpetrated by these suppliers. So far Denso International, Tokai Rika America, and Yazaki North America have been raided.

It's been a wild day for anti-trust enforcers.

Wednesday, February 24, 2010

"Mini-Madoff" May Plead

Arthur Nadel, the man described as "Mini-Madoff," will likely plead guilty to at least some of the charges leveled against him (securities, wire, and mail fraud) sometime later today in a Manhattan Federal court. Operating out of Sarasota, FL, Nadel conned investors out of $360 million in a Ponzi scheme similar to Madoff's. Nadel potentially faces decades in prison.

Tuesday, February 23, 2010

Dirty NY Top Cop Canned

In a story that broke a few days ago, Bernard Kerik, the former police commissioner of New York City, was sentenced to four years in prison for tax evasion and lying to federal officials. Kerik was a close associate of former Mayor Rudolph Giuliani, and was even nominated in 2004 by George W. Bush for the position of Secretary of Homeland Security. The background checks for the position were the start of Kerik's troubles. Kerik eventually admitted to tax evasion and receiving renovations from a construction company allegedly tied to organized crime which he helped to secure city contracts. The sentence he received of four years was only a year over the minimum federal sentencing guidelines sentence.