[ISN] Want ‘perfect’ security? Then threat data must be shared

http://www.infoworld.com/t/cyber-crime/want-perfect-security-then-threat-data-must-be-shared-242383 By Roger A. Grimes InfoWorld 2014-05-13 Here’s a surprise for you: We actually have a fairly good understanding of who is attacking us on the Internet and why. Various entities know not only which groups are doing the attacking, but also the names of the people in those groups. They know where they live, who their family members are, where they went to school, and when they go on vacation. A great example of this is the Russian Business Network crimeware group. With a little searching, you can find a decade of evidence trails, pictures of the leader, and even business relationships. Want to see who’s sending all that spam? Then check this link out [1]. Want to know who is doing most of the industrial espionage? Then read this report [2]. They even give you the hacker’s physical address. When I tell friends about this, especially after their computer has been thoroughly compromised, they ask the obvious: Why aren’t these criminals in jail? The answer is pretty easy. For the most part, these criminals work across international boarders, so there are issues of legal jurisdiction