DOJ Gets Court Permission To Attack Botnet

itwbennett writes "In an unprecedented move, the Department of Justice (DOJ) and the FBI have been issued a temporary restraining order that will allow the FBI and the US Marshal for the District of Connecticut to set up servers at the Internet Systems Consortium or other ISPs that would stop infected computers from continuing to spread the Coreflood virus, according to court records. This week, the DOJ and FBI seized five servers that controlled Coreflood-infected computers, the DOJ said in a press release. The agencies also seized 29 domain names used by the Coreflood botnet to communicate with the servers."

Governet

[cosm]

The Connecticut criminal complaint said a Michigan real estate company lost more than $115,000 to fraudulent wire transfers because of the Coreflood virus. A South Carolina law firm lost more than $78,000, and a North Carolina investment company lost more than $151,000, the complaint said. A defense contractor in Tennessee lost more than $241,000 due to the botnet, the complaint said.

Emphasis mine. I wouldn't expect any less out of firms like this first of all. They really need to change the keyboarding classes in high-school to teach basic do-not-download-stupid-shit classes. And second of all, FTA:

"Botnets and the cyber criminals who deploy them jeopardize the economic security of the United States and the dependability of the nation's information infrastructure," Shawn Henry...said in a statement.

Obviously, the internet is now truly Serious Business. DHS, Ice-Raids, I hate to say it but as other /.ers have said in the past, we are entering the downward slope of the golden age of the internet, the gub'ment is now all up in our intertubes for good. Hide yo pron hide yo second life.

Re:Governet

[cosm]

I was being a bit satirical, I do understand the important global ramifications of our great communication medium, but I still split the blame equally between evil botnet operators and poor IT practices. I would agree that the necessity for government intervention is there, albeit with things like the Patriot Act and aforementioned ICE-raids I get leary when things like this start to set precedents.

Possibly a non-jackbooted response

[russotto]

I haven't found the order itself, but the request is here [fbi.gov]

If that's what they were granted, it looks remarkably restrained. It actually specifies the servers in question (it's not just a blanket "We get to grab anything we claim is a C&C server, now or in the future").

The part the article seems to be going on about is "A permanent injunction that requires the Defendants to uninstall Coreflood on any computers not owned by the Defendants and authorizes the operation of a substitute command and control server to give effect to the Court's orders;" This is pretty radical, in that it lets the FBI operate the botnet at least in so far as to shut it down. But it doesn't give them any authority over computers which aren't already infected.

Re:Governet

[Anonymous Coward]

Asset seizure, both permanent and temporary, is a power granted by both judicial and municipal civil institutions all the fucking time. If you own property on which a crime has been committed, it sucks to be you, but you lose some control over that property while the crime is being investigated. Cities can and do seize and destroy property on grounds of being hazards to the public: environmental, health, criminal, etc. This action is trivially defensible on similar grounds.

Certainly procedures should be established, adhered to, and audited to help ensure this power isn't wielded indiscriminately. But pretending that it has no precedent is either naive or disingenuous.