Untraceable's Killer Website. Could it Happen?


a thriller starring Diane Lane opens in theaters today. Lane plays Jennifer Marsh, a FBI agent who specializes in cyber crimes. Then the unthinkable happens.

A new site called “Kill With Me” appears on the Net. The webmaster of the site streams live video of him torturing and killing victims. The more people that tune in to the YouTube-like site, the more the psychopath tortures and kills. You follow?

So the movie isn’t getting the best reviews, ok MSNBC thinks it is deplorable. But how realistic is it? No, not the existence of an FBI agent as hot as Lane. The cyber crime plot!

The creators of the movie actually consulted withDNSstuff.com, a provider of real-time network forensics. DNS Stuff put out a press release in which they quote an Untraceable advisor and former FBI cyber-crime expert E.J. Hilbert: "Malicious crimes such as human exploitation, cyber-terrorism, identity theft and larceny are tangible, growing global problems. Untraceable accurately incorporates certain DNSstuff.com tools and Internet management techniques now used by millions of businesses, law enforcement agencies and individuals.” Hilbert doesn’t answer is if a killer website is a threat the FBI is worried about.

Sure we have our thoughts, but we were dying to find out what an expert thought. We decided to ask Ron Teixeira, the executive director of National Cyber Security Alliance, his thoughts on the movie and KillWithMe.com.

You may want to make the interview boring, because the more views it gets the more we will torture …
I will keep that in mind! And will make sure I log on to the site...

What do you think about the movie Untraceable?
I haven't seen the movie yet. The good thing about it though is that it is raising the visibility of cyber forensics and the importance of having law enforcement investigating cyber crime. It is becoming a bigger issue and people should take precautions to protect themselves.

Could this really happen?
I never want to say it is impossible, but I would say it is extremely unlikely. Partly because there would have to be specific unlikely scenarios to occur to make something like this happen. One is that this perpetrator would have to be completely untraceable so law enforcement couldn’t actually find him or the victim. The second would be that there wasn’t any possible way to block the URL. Every time the Web site gets a hit, the guy seems to bring someone closer to death. All the Internet Service Providers (ISPs) would have to get together and say lets not block this site, which is very unlikely.

It would be hard for him to remain untraceable?
Yes, a person streaming a webcam for a period of time makes it easy for the location to be traced. Law enforcement will look at where the IP address of the site is coming from and they will go to the provider and follow the IP address. It is called going “downstream” or finding the location. I guess it is a different story if they are breaking into someone’s computer and using their IP address, but even then when law enforcement got to that computer they would find out where that break in came from and be able to trace the IP address from there. It could get pretty complicated but they can get to where that webcam is pretty fast.

And what is the likelihood that the Internet Service Providers or the Web host would refuse to shut down the site?
Not likely at all! I mean people are dying. These companies wouldn’t want to see something like this happen. It is in the best interests of their business to cooperate and they want to eradicate cyber crime as well. ISPs can actually “poison cache” the URL. Which would just block that site completely. I am confident they would do this in this extreme situation of Killwithme.com.

In one scene in the movie the psychopath seems to hack into Diane Lane's home network, can we assume she didn’t have network security?
Yes, I would actually question that!

So it is Symantec’s fault?
I would ask about her set up first before the software. They could have broke through the firewall, but that’s highly unlikely. They could get in through social engineering tactics. Perhaps her child in the movie downloads an email from the bad guy and he is able to break into the network through that downloaded virus.

So she should have had child security settings turned on?
Yes exactly! But really Diane Lane should have been keeping that security software up to date. Her program could have been out of date and not have been protecting against the latest Trojan Horse or whatever he might have put on her computer to access her house.

What is the most realistic cyber crime movie you have seen?
One guy has said that if you wanted to have a realistic movie about cyber crime, no one would go see it, because it would be so boring. I would say in terms of the concept itself two movies are realistic. One is The Net. The other is more recent, Die Hard 3. It shows the potential dangers of hackers getting into critical infrastructure and causing damage. The concept is far fetched in the sense that the end of the world is coming, but cyber terrorism is a current threat.