Combating Cyber Vandalism: A Guide for Web Users and Owners

Responding to Unauthorized System Probes

When your personal firewall software detects suspicious activity, such as repeated probes from the same source, it's crucial to take action. Here's what you can do:

1. Review Firewall Logs: Examine the logs to understand the nature and frequency of the probes.
2. Contact Your ISP: Send the logs along with a detailed incident description to your Internet Service Provider (ISP). They may have the resources to investigate further.
3. Trace the IP Address: Use a tracing program to identify the source IP address. However, be cautious as this could expose your IP address to the attacker. Ensure your firewall is properly configured to minimize risks.
4. Notify the IP Owner: If you can pinpoint a repetitive address, inform the owner with a polite email. This could be an ISP or a company whose system might be compromised and used for the attack.

Crafting an Effective Incident Report Email

When reaching out to an ISP or IP owner, it's important to be clear and concise. Here's an example of how to structure your email:

• Subject: Unauthorized Activity Detected from Your Service
• Body: Include the date, time, and nature of the activity, along with your firewall logs and any trace results. Request their assistance in investigating the issue.

Dealing with Website Compromises

Website owners face the additional threat of web cracking, where attackers gain unauthorized access to modify site content. This form of cyber vandalism is often the work of 'Script Kiddies'—inexperienced individuals using pre-written scripts to exploit vulnerabilities.

Immediate Actions for Web Owners

If you suspect your website has been compromised:

1. Contact Your Hosting Provider: Alert them immediately as the security of the entire server may be at risk.
2. Review Server Logs: Check for any unauthorized access or changes made to your site.
3. Report the Incident: Depending on your location, report the breach to the appropriate authorities.

Legal Recourse and Reporting Cyber Incidents

Cybercrime laws are evolving worldwide, with many countries introducing severe penalties for cyber-terrorists. Here are some resources for reporting cyber incidents:

• United States: National Infrastructure Protection Center (NIPC), part of the FBI, offers forms for incident reporting and security threat information. Visit NIPC and Cybercrime for more details.
• Australia: Report intrusions to the Australian Federal Police through your local police station.
• United Kingdom: While specific cybercrime reporting resources may be harder to find, local law enforcement can provide assistance.

Conclusion: Take Action Against Cyber Threats

The internet community can only combat cyber threats by taking action. Don't let firewall logs go to waste; they can be valuable evidence. Ensure you document a pattern of malicious activity before reporting. Together, we can work towards a safer digital environment.

Remember, cyber vandalism is not a victimless crime. It's a disruption that affects real people and businesses. By staying vigilant and reporting incidents, we can help deter these digital vandals and maintain the integrity of our online world.