First person indicted in P2P ID theft case given 51 months

Seattle-based Gregory Kopiloff, who made security history last November by becoming the first person to be indicted on peer-2-peer (P2P) identify theft charges, has been sentences to 51 months in prison.

The case, says David Hobson, managing director of Global Secure Systems, an IT security consultancy, proves the danger that using P2P services for illegal software and media downloads now poses.

"Not only do P2P users faces the risk of prosecution by the authorities and even disconnection by their service provider under the new `three strikes' UK government proposals, but now they also stand a chance of being defrauded," he said.

According to Hobson, the fact that millions of UK Internet users are continuing to use P2P networks for file-sharing should be of great concern to company IT managers, as the three strikes proposal could see illegal file-sharers installing P2P software on their

"P2P file-sharing using BitTorrent software like Azureus and BitLord poses a serious headache for the already hard-pressed IT manager as, whilst standard P2P streams are easy to detect and lock down, savvy users are now encrypting their P2P connections to escape detection," he explained.

Whilst encrypting the P2P data stream using Azureus slows down the rate of transfer, Hobson says it makes detection of the transmissions on a company network doubly difficult.

"This is why we are now recommending IT security systems from the likes of AppGate, Blue Coat Systems and Lumension to help companies of all sizes discover what's really moving around their networks," he said.

"With this new threat of P2P-enabled fraud, the message is clear - IT managers must take steps to prevent any and all threats, including next-generational ones, using all the security technology at their disposal," he added.