Business & Finance
News
9/2/2005
05:15 PM
Connect Directly
RSS
E-Mail
50%
50%

Collaboration Helps Nab Cybercriminals

Victimized businesses need to fess up to law-enforcement agencies.

The quick arrests of two of the people allegedly involved in the Zotob and Mytob worms show how international coordination is crucial to curbing Internet-related crimes. The FBI says it worked with Turkish and Moroccan law-enforcement agencies and Microsoft in tracking down the suspects, and the collaboration also aided in the identification of another 15 possible suspects.

Louis Reigel, assistant director of the FBI's cyber division, told attendees at last week's High-Technology Crime Investigation Association conference in Monterey, Calif., that the bureau has been collaborating at a record pace. It recently worked with British authorities to bust a denial-of-service attack ring, and it helped Nigerian officials prosecute a group of online fraudsters for crimes committed in the United States.

But much more collaboration is needed to put a significant dent in cybercrimes, and businesses need a wake-up call. The FBI believes that only about 30% of companies that have had their networks hacked report those incidents to law-enforcement agencies. "If they don't come forward, the likelihood of law enforcement getting that information is dwarfed," Reigel says.

Victimized companies often fear any publicity that makes them look vulnerable. But it's likely the real damage will come from not reporting incidents, says Christopher Painter, deputy chief of the computer crimes and intellectual-property section at the U.S. Department of Justice. "Why not attack the system again and again?" Painter asks. "There's too much of a perception in [the hacker] community that there aren't consequences. Our job is to make sure there are consequences."

Collaboration helped catch cybercriminals in Nigeria and Britain, the FBI's Reigel says.

Collaboration helped catch cybercriminals in Nigeria and Britain, the FBI's Reigel says.
Santa Clara University in California is doing its part, having turned to law enforcement a couple of times following recent hacks, says CIO Ron Danielson, who wouldn't elaborate on the nature of the attacks. A lot of cybercrime could be eliminated if software vendors placed security higher on their list of product-development priorities, Danielson says. "Using secure software is a security measure," he says.

Hackers present a huge concern for the school, considering the recent thefts of student information from several universities. Preventive steps taken by the university include pushing operating-system patches to users, since alerts to download updates are often ignored, and implementing bandwidth-monitoring technology in its network switches that will flag suspicious high-bandwidth activity, such as using a system for distribution of a virus.

Meanwhile, technologies used in prosecutions, such as software that can recover files that have been deleted, may begin to play a bigger role. The National Institute of Standards and Technology for the last few years has been testing those technologies to verify they're reliable. But the time it takes to define the required capabilities and test the technologies--as much as a year--is a problem. Susan Ballou, program manager and forensic scientist for the institute's Office of Law Enforcement Standards, says the group is working to speed the process, so that the technology doesn't become outdated before it's useful. "We're too slow," she admits.

But let's face it: Criminals also are getting more effective with their technologies. They're creating software that advances the art of cracking passwords, hijacking browsers, cracking Secure Sockets Layer encryption, and keystroke logging, says Laura Chappell, founder of the Protocol Analysis Institute, who hosted a session during last week's conference. As one unsettling example, Chappell told attendees that she used an instant-messaging sniffing tool to easily listen in on private after-hours conversations among conference attendees.

Comment  | 
Print  | 
More Insights
IT's Reputation: What the Data Says
IT's Reputation: What the Data Says
InformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business really views IT's performance in delivering services - and, more important, powering innovation. Our results suggest IT leaders should worry less about whether they're getting enough resources and more about the relationships they have with business unit peers.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Must Reads Oct. 21, 2014
InformationWeek's new Must Reads is a compendium of our best recent coverage of digital strategy. Learn why you should learn to embrace DevOps, how to avoid roadblocks for digital projects, what the five steps to API management are, and more.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
A roundup of the top stories and trends on InformationWeek.com
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.