The Washington Post reports that “Atrivo, a.k.a ‘Intercage,’” an ISP “ceased to be reachable from any points on the Internet early Sunday morning when the ISP’s sole remaining provider – Pacific Internet Exchange (PIE) – stopped routing traffic for the troubled company.”  More details below, including allegations that Atrivo was being used for all sorts of nasty, possibly fraudulent activity.  And, for our law professor readers, with a change or two, this could form the basis of an interesting exam question.

From the Post:

The final blow comes just weeks after Security Fix joined several researchers in publishing evidence that major portions of Atrivo’s network were being used to foist fake security software, Trojan horse programs, and other nastiness. As a result of those reports, several of Atrivo’s upstream providers dropped the company as a client.

PIE agreed to provide routing for Atrivo after three other major upstream providers apparently decided it wasn’t worthy the negative publicity of being associated with the company. …

…

For all its years of operation, Atrivo’s Web site consisted of little more than a blue background adorned with a simple “Web Site Launching Soon” banner. Critics took this as evidence that Kacperksi earned the majority of his customers via shady, underground channels.

In an interview last week, Kacperski [Atrivo's founder] said to the extent that there were bad apples hosted on his network, few of them were ever directly reported in e-mailed complaints. Kacperski claims he receives an average of just five complaints about abusive domains hosted on his network each week.

…

In the meantime, a lively debate on Atrivo’s demise has lit up the the mailing list of ISP operators known as the North American Network Operators Group (NANOG), with Kacperski defending his company’s record and vowing to find another upstream provider.

Some have suggested that ISPs and Internet backbone providers should not be allowed to serve as judge, jury and executioner of problematic customers. Dan Goodin of TheRegister.com opined that the multilateral actions against Atrivo amounted to “a temporary and highly imperfect stopgap” orchestrated by “ad hoc malware police.”

Goodin’s stance was echoed by Marcus Sachs, director of the SANS Internet Storm Center. “There are others out there who need to be cut off but we’ve got to find a better way to do it than by creating the virtual equivalent of a lynch mob,” Sachs wrote in a e-mail to Security Fix.

Until that “better way” gains traction, however, it is all but certain that self-interested network providers will persist in efforts to string up the perceived bad actors, said Paul Ferguson, senior researcher at security firm Trend Micro.

“The community must police itself, and this is a fine example of purging badness,” Ferguson said. “Of course, it will pop up elsewhere, but we’re watching.”

Share on Facebook

Comment feed: RSS 2.0. You can leave a response, or trackback from your own site.