, SecurityFocus 2000-04-24
Busting 15-year-old script kiddies just makes us all look silly.
The Canadians aren't stupid enough to give up one of their children to the country that invented zero tolerance.
Now, don't we all feel just a little bit silly.
It's easy to understand why law enforcement would take pride in the bust, which was achieved with a new level of technical competence and overall cooperation. Atlanta FBI agents reportedly scoured logs at CNN and traced bogus packets back to a California university. Los Angeles FBI agents tore into the U.C. Santa Barbara logs and learned that the perp connected from an ISP in Montreal. The Mounties took over from there, and it all ended with a wiretap on the suspects' phone line, and, two months later, a raid on his home
The investigation was a textbook for the new generation of tech-savvy cybercops who can read router logs, or enlist others to read router logs. The press releases say it all. FBI Director Louis J. Freeh boasted of "the strengths to be drawn from an international law enforcement/private sector partnership"; Janet Reno, "our capacity to track down cyber-criminals wherever they may be." The Mounties crowed that their efforts created "the opportunity to bring light on [I]nternet attacks that have strongly shaken the heart of electronic commerce worldwide..."
And hidden between the lines you can faintly read the long, depressed groan: Why'd it have to be a 15-year-old old?
The silliness of it all is compounded by a Canadian law that shields the juvenile's name from disclosure, forcing high-level law enforcers to refer to him by his chosen moniker. Try it in a hypothetical sentence, like, "We intend on ensuring that the full force and power of the law is brought to bear..." on Mafiaboy. "Today we send a powerful message that lawlessness will not be tolerated" by Mafiaboy. You see the problem.
The Canadian cops admit that Mafiaboy wasn't even a precocious evil genius, like the kid in RoboCop II. He was just a young teen who allegedly got a hold of some pre-fab DDoS tools and, whipped into a frenzy by the .com attacks that were already grabbing headlines worldwide, launched a copycat assault of his own. He stupidly bragged about it on IRC. He behaved like a 15-year-old.
So what's the point in busting him?
We now know that the Internet wasn't designed to shoulder a new economy, and we'll need some fundamental improvements before a teenager will have any problem clogging up web sites. Our international, coordinated efforts would be better directed at encouraging academia to lock-down its high-bandwidth, low-security networks so they can't be aimed like fire-hoses at innocent media giants in the future.
Don't get me wrong: I'm not saying the DDoS attackers are heroes. Mafiaboy isn't the innocent child who pointed out that the Emperor has no clothes; he's one of many guilty children who pointed it out by throwing things at the Emperor's privates - a more serious offense.
But Mafiaboy isn't going to be extradited to the U.S -- the Canadians aren't stupid enough to give up one of their children to the country that invented zero tolerance. And he probably won't do any time in Canada, where his antics are considered "mischief to data" instead of "computer fraud and abuse."
So let's learn something from this. The February DDoS attacks on Yahoo, Ebay, Amazon.com, Excite, ZDNet and Etrade are still unsolved. I say we don't even bother nabbing the other culprits, lest they turn out to be even younger and less ingenuous, and, by dint of their immaturity, make the .com world and our law enforcement agencies look even more ridiculous.
The FBI should be nailing kidnappers and the Mounties busting, I don't know, Snidely Whiplash. Let's throw Mafiaboy back; there's bigger fish to fry.