Team Cymru's Botnet Analysis and Tactical Tool for Law Enforcement (BATTLE) has been providing police from 31 different countries with information on botnet command and control servers for over a year. The tool was today massively expanded to include phishing sites and malware download locations, making it the largest free repository of data for law enforcement of its kind.
Rich Cummings, General Counsel of Team Cymru stated, "While there are stringent safeguards to ensure that only bona-fide police get access to this data, the site will have an immediate and powerful impact on criminals that infect our computers and steal our money."
Steve Santorelli, an ex-Scotland Yard detective and now Director of Global Outreach at Team Cymru added, "Cyber crime investigations are still based on a geographic model - you need to be able to justify why you should start an investigation before you spend resources looking into it. This system solved that hurdle as it shows instantly where computers used by criminals are physically located, it's a little like Google Maps but allows the police to zoom in on criminal's computers and get enough leads to open a case."
Police can receive automated e-mails when a criminal starts to use a computer in their jurisdiction and log on for more information about what it's being used for.
They see these computers as pins on an interactive map which can be panned and zoomed into specific regions and countries. Mousing over the pins reveals details of that computer and clicking on the pin brings up details of the hosting and a history of the criminal activity that the system has been used for. The data is updated every 24 hours. Investigators can then complete a brief online request to ask for further detailed intelligence regarding any of these machines.
To see the tool in action, see https://www.team-cymru.org/Services/battle.html and http://www.youtube.com/teamcymru. Police officers can e-mail [email protected] for details of the application process to get a BATTLE account.
About Team Cymru
Team Cymru is a leading Internet security research think tank that was founded in 1998. Its mission is to make the Internet more secure, more aware, and more reliable. By researching the 'who' and 'why' of malicious Internet activity worldwide, Team Cymru helps organizations identify and eradicate problems in their networks. The group's main office is in the Chicago, IL, US area.
For more information please visit https://www.team-cymru.org.