9/2/2005
05:15 PM

Collaboration Helps Nab Cybercriminals

Victimized businesses need to fess up to law-enforcement agencies.

The quick arrests of two of the people allegedly involved in the Zotob and Mytob worms show how international coordination is crucial to curbing Internet-related crimes. The FBI says it worked with Turkish and Moroccan law-enforcement agencies and Microsoft in tracking down the suspects, and the collaboration also aided in the identification of another 15 possible suspects.

Louis Reigel, assistant director of the FBI's cyber division, told attendees at last week's High-Technology Crime Investigation Association conference in Monterey, Calif., that the bureau has been collaborating at a record pace. It recently worked with British authorities to bust a denial-of-service attack ring, and it helped Nigerian officials prosecute a group of online fraudsters for crimes committed in the United States.

But much more collaboration is needed to put a significant dent in cybercrimes, and businesses need a wake-up call. The FBI believes that only about 30% of companies that have had their networks hacked report those incidents to law-enforcement agencies. "If they don't come forward, the likelihood of law enforcement getting that information is dwarfed," Reigel says.

Victimized companies often fear any publicity that makes them look vulnerable. But it's likely the real damage will come from not reporting incidents, says Christopher Painter, deputy chief of the computer crimes and intellectual-property section at the U.S. Department of Justice. "Why not attack the system again and again?" Painter asks. "There's too much of a perception in [the hacker] community that there aren't consequences. Our job is to make sure there are consequences."

Collaboration helped catch cybercriminals in Nigeria and Britain, the FBI's Reigel says.

Santa Clara University in California is doing its part, having turned to law enforcement a couple of times following recent hacks, says CIO Ron Danielson, who wouldn't elaborate on the nature of the attacks. A lot of cybercrime could be eliminated if software vendors placed security higher on their list of product-development priorities, Danielson says. "Using secure software is a security measure," he says.

Hackers present a huge concern for the school, considering the recent thefts of student information from several universities. Preventive steps taken by the university include pushing operating-system patches to users, since alerts to download updates are often ignored, and implementing bandwidth-monitoring technology in its network switches that will flag suspicious high-bandwidth activity, such as using a system for distribution of a virus.

Meanwhile, technologies used in prosecutions, such as software that can recover files that have been deleted, may begin to play a bigger role. The National Institute of Standards and Technology for the last few years has been testing those technologies to verify they're reliable. But the time it takes to define the required capabilities and test the technologies--as much as a year--is a problem. Susan Ballou, program manager and forensic scientist for the institute's Office of Law Enforcement Standards, says the group is working to speed the process, so that the technology doesn't become outdated before it's useful. "We're too slow," she admits.

But let's face it: Criminals also are getting more effective with their technologies. They're creating software that advances the art of cracking passwords, hijacking browsers, cracking Secure Sockets Layer encryption, and keystroke logging, says Laura Chappell, founder of the Protocol Analysis Institute, who hosted a session during last week's conference. As one unsettling example, Chappell told attendees that she used an instant-messaging sniffing tool to easily listen in on private after-hours conversations among conference attendees.
