Victimized businesses need to fess up to law-enforcement agencies.
The quick arrests of two of the people allegedly involved in the Zotob and Mytob worms show how international coordination is crucial to curbing Internet-related crimes. The FBI says it worked with Turkish and Moroccan law-enforcement agencies and Microsoft in tracking down the suspects, and the collaboration also aided in the identification of another 15 possible suspects.
Louis Reigel, assistant director of the FBI's cyber division, told attendees at last week's High-Technology Crime Investigation Association conference in Monterey, Calif., that the bureau has been collaborating at a record pace. It recently worked with British authorities to bust a denial-of-service attack ring, and it helped Nigerian officials prosecute a group of online fraudsters for crimes committed in the United States.
But much more collaboration is needed to put a significant dent in cybercrimes, and businesses need a wake-up call. The FBI believes that only about 30% of companies that have had their networks hacked report those incidents to law-enforcement agencies. "If they don't come forward, the likelihood of law enforcement getting that information is dwarfed," Reigel says.
Victimized companies often fear any publicity that makes them look vulnerable. But it's likely the real damage will come from not reporting incidents, says Christopher Painter, deputy chief of the computer crimes and intellectual-property section at the U.S. Department of Justice. "Why not attack the system again and again?" Painter asks. "There's too much of a perception in [the hacker] community that there aren't consequences. Our job is to make sure there are consequences."
Collaboration helped catch cybercriminals in Nigeria and Britain, the FBI's Reigel says.
Santa Clara University in California is doing its part, having turned to law enforcement a couple of times following recent hacks, says CIO Ron Danielson, who wouldn't elaborate on the nature of the attacks. A lot of cybercrime could be eliminated if software vendors placed security higher on their list of product-development priorities, Danielson says. "Using secure software is a security measure," he says.
Hackers present a huge concern for the school, considering the recent thefts of student information from several universities. Preventive steps taken by the university include pushing operating-system patches to users, since alerts to download updates are often ignored, and implementing bandwidth-monitoring technology in its network switches that will flag suspicious high-bandwidth activity, such as using a system for distribution of a virus.
Meanwhile, technologies used in prosecutions, such as software that can recover files that have been deleted, may begin to play a bigger role. The National Institute of Standards and Technology for the last few years has been testing those technologies to verify they're reliable. But the time it takes to define the required capabilities and test the technologies--as much as a year--is a problem. Susan Ballou, program manager and forensic scientist for the institute's Office of Law Enforcement Standards, says the group is working to speed the process, so that the technology doesn't become outdated before it's useful. "We're too slow," she admits.
But let's face it: Criminals also are getting more effective with their technologies. They're creating software that advances the art of cracking passwords, hijacking browsers, cracking Secure Sockets Layer encryption, and keystroke logging, says Laura Chappell, founder of the Protocol Analysis Institute, who hosted a session during last week's conference. As one unsettling example, Chappell told attendees that she used an instant-messaging sniffing tool to easily listen in on private after-hours conversations among conference attendees.