I've been working with members of the Anti-Phishing Working Group and IEEE Industry Connections Security Group (ICSG) in a joint project that focuses on electronic crime impacts industry and governments.
It's fitting to talk about this project during CyberSecurity Awareness Month. An important part of this project is to raise awareness about ecrime, and in particular, help industry and governments better understand and distinguish what is ecrime from the many popularized cyberthreats: war, terrorism, hacktivism...
Some of the activities already underway include work on ecrime event data exchange standards and protocols. We are also working on operational protocols (processes) for dealing with computers compromised by ecrime (i.e., the post-Coreflood mitigation effort and others of this kind).
This is very large scope project and we need more hands to continue the work. My colleague John Quarterman explains that we need time and talent from a variety of resources. "There's plenty of work to be done on technical standards and operational protocols (such as glossaries, metrics, and monetary effects), plus Stop-eCrime needs educational materials and marketing to explain incentives for everyone to participate in reducing ecrime."
If you want to help, please read the Recruitment Letter for more information or contact me and I'll connect you with the working party chairman and members.