A standardized format for cybercrime reporting

“Cybercrime is emerging as a very concrete threat. Considering the anonymity of cyberspace, it may in fact be one of the most dangerous criminal threats ever,” said Interpol’s Secretary General, and I happen to agree.

I also think that we will have to change the way we approach the issue drastically, and I believe that today we are at least one step closer to dealing with the problem.

PC World reports that the Internet Engineering Task Force (IETF) – an Internet standards group – has put its seal of approval on a customized version of the XML-based Instant Object Description Exchange Format (IODEF), which will allow e-crime reports to be standardized and, thus, give security researchers a cohesive, broad set of data to gauge online crime.

The format will support various languages and allow for unequivocal time stamps. It will also allow reporters to add samples of the malicious code to the report. These reports will hopefully be gathered in a centralized database where they can be searched and provide crucial information to attacked organization – such as IP ranges of malicious websites or the results of spam message analysis.

The Anti-Phishing Working Group (APWG) has helped a lot during the development of the reporting format, and now plans to organize a trial run. Among other things, they hope that its use will allow organizations to spend less time sending reports back and forth to solve various issues, and non-native English speakers to report accurately on the problem.