Sadly, unless they attack 'high profile' targets they pretty much do
get away with it. I would hope that various law enforcement agencies
would be concerned about people operating botnets that can number into
the 500k+ range, but a lot of them still view the whole thing as geeky
teenager shenanigans. This topic came up at a quarterly meeting I
attend and an FBI agent sitting near me said openly 'Well, why don't
contact us when these things happen' and that person was slammed with
a battery of 'because you don't do anything, nor do you care'. The
agent didn't agree with this assessment, but at the same time couldn't
think of any cases where DDoSers had gotten nailed for hitting the
'little guys'. As they said in the movie Mega Force, deeds..not words.

I think the biggest problem overall is that the botnet operators keep
their bots in countries that either don't understand or don't care
(and in a few cases, I wouldn't be surprised to find that their
botnets are state sponsored). At that same meeting I attended there
was a great presentation on botnets and the presenter explained the
challenges and frustration of trying to find relevant agencies and
helpful people to listen to his issues. However, he did come up with
two good points I'll pass along.

1. Look for regional CERT organizations. They, since they are in the
region and are computer security folks, will have a clue and will
probably be able to point you to the correct law enforcement agency.

2. If you are American*, call that country's US embassy and ask to
speak to the Security Director. Its the SD's job to be in touch with
various local law enforcement. The presenter said he had great results
talking to the regional SD on an issue

*Basing that off his experience, not sure how other countries set up
their embassies, but may work for you too. YMMV

firewall-wizards mailing list