Microsoft is waging cyberwar!

Legal cyberwar, now that’s a welcome relief!

I was part of a conversation last year, the evening that Microsoft took down the Waledac botnet on February 25th, 2010. The conversation involved a number of seniors from the US Department of Defense and a senior at a very large defense contractor. I didn’t know a lot of details of the takedown at that point; I later found out that Microsoft had been granted permission by a federal court to take over the domain name, effectively shutting down a spam botnet.

As a small sidenote to that evening, the consensus of these seniors and of the rest of the 10 to 15 ‘insiders’ was that industry (mostly defense contractors) was much more capable of ‘fighting’ in cyberspace than was the government. At the time, don’t forget, I didn’t know this meant waging war through the courts. ‘We’ might have thought that corporations might have some capabilities that the government does not have. I am not excluding cyber weapons or other cyber capabilities, please notice. The possibility was left open and available. As far as I know, however, this was the extent of how these capabilities were discussed and I’m certainly not aware of any use of any of these capabilities.

Back to the point.

Microsoft has launched yet another salvo in the legal war in cyberspace, again against a botnet – the Kelihos botnet. This time, however, there is a difference: we have a name. Dominique Alexander Piatti is the named defendant, plus 22 “John Does”. Incidentally, Dominique Alexander Piatti was also connected with a drug scam alert this past July. The domain name is the same:, as he is a Czech Republic citizen. The botnet is supposed to be relatively small, capable of launching only 4 billion spam emails per day.

This issue has been discussed on literally hundreds of other websites, so why should I write about this?  I’d like to point out the obvious. Here we have a case of a large corporation ‘taking down’ a botnet and the only involvement the government has is a rubber stamp approval.  A federal court judge taps his gavel and the request for taking down a domain and all sub-domains is approved.  This indicates to me that a corporation is taking care of me, a private citizen.  It also indicates that the government cannot or will not protect me.

So… why is there a DHS? Isn’t DHS supposed to help protect me? If they’re working with Microsoft in this effort, why aren’t they telling us? Why aren’t they taking the lead and launching an army of lawyers against these botnets? I already know that the US Cyber Command only protects DoD computer networks and systems, so this is not questioning them; I just want to let you know I’ve at least considered that option.

DHS does not have the resources to protect US citizens, US corporations or any other government infrastructure beyond the critical infrastructure. Yet it is their mission to provide Homeland Security. When will DHS step up to the plate and perform their mission? Do we need a Department of Microsoft instead?


9 thoughts on “Microsoft is waging cyberwar!”

  1. Calling this “legal cyberwar” — or “cyberwar” at all — seems hyperbolic, sensationalism that might succeed at gaining attention more than promoting rational, factual debate.

    Microsoft is simply exercising their right to use civil legal process against those who are harming others. Microsoft is showing the court how it and its customers are being harmed and is asking the court for relief, or assistance in obtaining evidence for further legal process. While this application of legal process against botnets is new, being creative and aggressive about using legal process is not “war”. Nor is it “rubber stamp approval” by the government, or a simple “tap of a gavel.” To suggest that dishonors and diminishes the role of the Judicial Branch of our government.

    DHS is also not the appropriate government agency to contrast with. That would be the Justice Department, who pursues legal process (both criminal and civil) for the USG, and is free to do so even now. Microsoft’s actions in court with these botnet takedowns in no way preclude or replace legal action by the government. The U.S. Government’s role is not being substituted by these actions. Calling the existence of DHS into question here because Microsoft goes to court is a non sequitur, and suggesting a blending of corporations with government for expediency is, in my humble opinion, dangerous. If anything, Microsoft’s actions can show the way for the Justice Department, Federal Trade Commission, or other Executive Branch agencies, to take similar actions.

    As I read this blog post, the important point is gaining the technical knowledge necessary to know how to structure the legal and technical plans for a botnet takedown in a safe and ethical manner. This is not easy and takes a lot of effort. Should it be a surprise that budget-squeezed federal government agencies won’t or can’t risk the cost, or the possibility of losing a novel legal argument in court? The capacity to protect self and others depends on having the resources and the commitment to do so. The Federal Trade Commission and Justice Department both could be doing this, provided the funding and political will was there.

    1. Mr. Dittrich,
      David, excellent response! From your grasp of both the language and your intimate knowledge of the field, I will take a wild guess that you are part of this process and part of Microsoft’s success story!
      Good call on this being Justice’s responsibility, and I agree, it’s been a long road since this was viewed as a cyber crime and not an ‘act of war’. Ten years ago, after I had been working this for about five years, the FBI and Justice kept telling us ‘but there’s no money lost, therefore there’s no crime!’
      It’s almost a sin and a shame, to use your words that “Microsoft’s actions can show the way for the Justice Department, Federal Trade Commission, or other Executive Branch agencies, to take similar actions.”
      Who at Justice? Who at the FTC? Who else? Have any names, contacts, advice? I’ll keep the heat up…

      Oh, and I plead guilty, the title is sensationalistic. On purpose.

    2. Mr. Dittrich, in regards to your point that the case is just about Microsoft protecting its customers, I’d like to point out that lots of court cases set precedent and have outcomes that may or may not have been explicitly intended. Maybe I have an overly-active imagination, but it is not beyond my expectation that good-willed government service employees inside government entities responsible for but unprepared to fight cyber crime could ‘encourage’ companies to use this legal precedent to engage in war through court-mandated attacks.

  2. Great point. And I bet presidential hopeful Mitt Romney would agree, but he would say judges are actually allowing individuals, arranged as corporate militias, to wage international cyberwar…As he said in April “Corporations are people, too, my friend.”

  3. As a Czech citizen, I applaud Microsoft for being able to catch this medium fish jerk and a fellow Czech citizen, especially when his name sounds French/Italian/Spanish. Italian botnet bosses deserve to be caught and tortured, especially after AC Milan defeated FC Viktoria Plzeň, my hometown, 2-to-0 in UEFA Champions League. The biggest bastard among the Italians was Zlatan Ibrahimović (who scored the first penalty which shouldn’t have been prescribed at all) which sounds like a Yugoslav Bosnian mixed with an Islamic terrorist but he is actually a Swedish soccer player playing for an Italian team. The nationalities in Europe may sometimes get mixed up haha.

  4. Dear Luboš Motl,
    I appreciate your comment, but would you mind if I edit your comment and take out the last two sentences? It’s way off topic and could make it spam…
