Q&A: Luis Corrons on taking down cyber criminals

gallery

Bringing down cyber criminals is no simple task. Not only is the internet a place where anonymity is easily achievable, but hackers have been honing their skills to remain undetected when attacking.

However, there have been a number of successful cyber crime investigations this year, most notably the one that culminated in the arrest of the Mariposa botnet mastermind.

With these concerns in mind, we spoke to Panda Security technical director Luis Corrons, a man who has been heavily involved in the Mariposa case, about the best way to battle with the baddies.

Last time we spoke, we talked about your involvement in the Mariposa case. How has the saga developed since then?

Mariposa, as we know it, that botnet is dead. There are still computers infected, but they have no control. There is no problem.

The bot was created by this guy Iserdo, who was in Slovenia. We didn’t talk about that guy back in March because the police said "don’t mention this name."

He was arrested around a month ago. The good thing is that… we know this guy had sold several hundred different bots to different people, so that means there are other Mariposa-like botets out there and maybe with information that the police have taken from Iserdo, we can work on taking those down.

With this arrest, we have cut off the head. That was the guy creating all the malware for this. No one else is going to buy anything from him I hope.

Mariposa was a fairly big case, and one that was to some extent successful for the good guys. Why was it a success and what is the best way to take on the bad guys?

We are having some discussions within the industry to see what are the best ways to do this. The thing is, we believe it is impossible to end cyber crime, just as it is impossible to end crime in real life, but we have to make things difficult for criminals.

Which is the best way? Of course, if we could do as we did with Mariposa, arresting the people controlling and creating the botnets, that would be great but that doesn’t work in most cases.

We were wondering what it would be like to go undercover, to be able to infiltrate different gangs of cyber criminals so we can gather a lot of intel - that would be great but there are problems with that.

The first one is that it is a long-term thing. [You can’t] go to your company and say: “You know all the money you are paying to me? I’m not going to do anything for you, but [will be working on] one investigation. It’s not just me either and its going to be for a few years.” That is hard to justify.

Another problem is that sometimes if you want to infiltrate and you have to be one of the criminals, you have to do things that you shouldn’t. In that case, you need to be with law enforcement. We have to find ways to cooperate even better with law enforcement.

Email to a friend

Print this page