Phil Graham on 13 Jul 2000 07:32:39 -0000

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Nettime-bold] Fwd: [bioexchange] FW: CyberSleuth will identify entitiestargeting corporations

>Mailing-List: ListBot mailing list contact
>Delivered-To: mailing list
>Reply-To: "The bio-exchange" <>
>From: Naomi Sunderland <>
>To: "''" <>
>Subject: [bioexchange] FW: CyberSleuth will identify entities targeting 
>Date: Thu, 13 Jul 2000 14:03:57 +1000
>X-Mailer: Internet Mail Service (5.5.2650.21)
>The bio-exchange
>Check out the terminology used the article below on cybersleuthing services
>now available to help companies identify and "eliminate" on-line activists
>working against them. See in particular:
>threat assessment
>rogue websites
>"shuttering of a terrorist web site"
>"objective not only to stop spread of incorrect information but also to
>ensure that what has already spread is eliminated"
>What are we talking about here - online activism or nuclear fallout?!
>This is all quite disturbing. Question is, are we dealing with "warfare" or
>is it merely in the description? Or both?
>Naomi Sunderland
>Biotech Activists (    Posted: 07/12/2000  By
>eWatch CyberSleuth
>Wednesday, July 12, 2000
>It is unfortunate that companies are being targeted by entities whose
>motives are fraudulent, deceptive or criminal.
>  eWatch CyberSleuth will attempt to identify the entity or entities behind
>the screen name(s) which have targeted your organization.
>  eWatch CyberSleuth includes a 30-day subscription to the eWatch All
>Coverage Bundle (except WebWatch) with the screen name(s) as the sole
>  eWatch CyberSleuth requires 7 to 10 days to complete from the date of
>submission and costs $4,995 per screen name. 48-hour turn around is
>available for an additional $1,995 per screen name. Results will vary and
>cannot be guaranteed. Customers will receive a dossier detailing all
>information gathered about the subject during the inquiry. Click here to
>While the Internet is in fact a new medium, based on our five years of
>experience in helping companies monitor the Internet, most of the old
>rules with respect to how we respond and react still apply. The biggest
>differences are that our actions are more public, the audience is larger
>and we're running in real-time.
>There are six major motivations for online activism. The same response
>methodology cannot be used for all of them. It is critical to understand
>the motivation or motivations behind online attacks in order to employ the
>correct response mechanisms. The six motivations include:
>  Legitimate complaint.
>  Behavior influencing (Environmental group targeting an oil company, etc.)
>  Stock manipulation.
>  Revenge.
>  Mis- or dis-information.
>  Fraud and extortion.
>Troubleshooting dubious postings need to happen on four fronts (what we
>call these the four C's):
>  Classification
>  Containment
>  Communication
>  Counteraction
>  Before troubleshooting, decide if action is warranted. Let's face it,
>there is a lot of awful content on the Internet about even the best
>  To take action on every occurrence is impractical. What are the
>key triggers that your company will use to prioritize and classify online
>  In our experience, other companies have used these standards,
>among others, for online threat assessment:
>  Threats against the safety of employees.
>  Threats against property (physical and intellectual).
>  Decreasing sales.
>  Lowering stock price.
>  Affecting litigation.
>  Affecting negotiations (labor, acquisitions, etc.).
>  If the attack is prioritized for action, then containment is the next
>step. Containment is a two part endeavor focusing on (1.) Neutralizing the
>information appearing online, and; (2.) Identifying the perpetrators
>behind the postings, rogue website, hack, etc.
>  Neutralizing information posted online, if appropriate, is the removal of
>the offending messages from where ever they appear in cyberspace. This may
>mean something as simple as removing a posting from a web message board on
>Yahoo! to the shuttering of a terrorist web site.
>  The objective is to not only stop the spread of incorrect information,
>but ensure that what has already spread is also eliminated. Victims of
>verifiable libel and trademark infringement have a much easier time
>neutralizing Internet content in our experience.
>  Non-libelous content but nonetheless incorrect or offensive content is
>less likely to be removed by 3rd party search engines, ISPs, etc.
>  Identifying the perpetrators behind the action requires the kind of
>special expertise that we've assembled for out eWatch CyberSleuth product.
>  Internet attackers attempt to cover their tracks by erasing identifying
>personal information from their postings, using anonymous remailers to
>strip off network information, posting under assumed names, etc.
>  Identifying these perpetrators is done using a variety of methods such as
>following leads found in postings and web sites, working ISPs, involving
>law enforcement, conducting virtual stings, among other tactics.
>  Depending on the scope of the event, it may become necessary to
>communicate to our key audiences about an incident that is occurring
>online. Our key audiences may include our employees, vendors, customers,
>prospects, regulators, beat journalists, financial analysts and investors
>(retail and institutional).
>  The purpose of communicating with our key audiences is to signal that we
>are on top of the situation and have, or are working, to resolve it. When
>our key audiences are communicating in real-time, so must we. In certain
>situations, the lack of a response will be viewed as incompetence or
>worse, that there is in fact something to hide. As in other media,
>perception is reality.
>  On the Internet, there are many communication tools at our disposal. We
>can post back to the message boards where the original postings appeared
>to give our side of the story, provide clarification or debunk it. We can
>email directly those we think were affected by the incident. We can use
>our own web site -- or set up a temporary micro site -- to address the
>situation in detail.
>  Micro sites are useful for communicating a lot of information to a lot of
>people in a short period of time...especially journalists. For situations
>that are or have the potential to affect a large number people, companies
>are also using traditional media tools such as news releases and media
>relations that can reach outside the online world more effectively.
>  Regardless of the method used, the targeted company has to evaluate these
>tools with great caution. What may appear to a company as a serious
>incident may in fact not be to its key audiences.
>  By communicating even to a small audience we run the risk of creating a
>larger problem where one did not exist before. And on the Internet, it is
>easy for our adversaries to take our response out of context. Furthermore,
>when communicating with our adversaries directly, everything we send them
>will more than likely appear online. Depending on the situation, curt
>letters from corporate lawyers merely serve to bolster their claims.
>  Based on the information that is learned about the perpetrator(s), and
>given the seriousness of the offense, the appropriate countermeasures are
>  These may include everything from simply exposing the individual online
>all the way to arrest. In some cases, the perpetrator is an employee of or
>contractor to the targeted company. In these cases, termination of
>employment is customary.
>  Counteraction may also include closing loop-holes in computer networks or
>developing new security procedures to prevent a recurrence.
>  For more information on eWatch CyberSleuth or to discuss a specific
>situation you may be facing, please email or call
>*** NOTICE: In accordance with Title 17 U.S.C. Section 107, this material
>is distributed without profit to those who have expressed a prior interest
>in receiving the included information for research and educational
>purposes. Feel free to distribute widely but PLEASE acknowledge the
>source. ***
>How to Use this Mailing List
>You received this e-mail as a result of your registration on the
>biotech_activists mailing list.
>To unsubscribe, please send an email to In the body of
>the message type:
>unsubscribe biotech_activists
>For a list of other commands and list options, please send email to
>In the body of the message type:
>Please direct content questions about this list to:
>Please direct technical questions about this service to:
>To unsubscribe, write to
>Start Your Own FREE Email List at

Opinions expressed in this email are my own unless otherwise stated.
Phil Graham
Lecturer (Communication)
Graduate School of Management
University of Queensland
617 3381 1083

Nettime-bold mailing list