Law enforcement officials, including all 92 assistant U.S. attorneys, will meet to coordinate efforts against zero-day vulnerabilities and other online threats.
Although it seems as though cybercrime has been around forever, it's still a relatively new discipline that requires companies, law enforcement, and prosecutors to communicate frequently and adjust their tactics accordingly in order to catch the perps and put them away.
"Back when we started the conference, our focus was on information sharing at the technical level," Rob Pate, deputy director of outreach and awareness for the Homeland Security Department's National Cyber Security Division, told InformationWeek. "Now we're bringing in law enforcement and prosecutors to share our information."
Pate, who formerly served as director of strategic operations for the U.S. Computer Emergency Response Team, or US-CERT, is also the founder of Government Forum of Incident Response and Security Teams.
Communication among private-sector businesses, government, and law enforcement is especially important as zero-day vulnerabilities -- those for which there is no patch -- proliferate and attackers adopt new tactics for breaking into systems. "We have to rapidly share information about what we're seeing because cybertime moves in seconds," Jerry Dixon, director of the National Cyber Security Division, told InformationWeek.
Homeland Security is seeing a wider range of cyberthreats every month, including sophisticated click frauds that attach malware to users' PCs when they visit Web sites, centralized botnets that steal computing resources and launch additional security attacks, and peer-to-peer botnets that evade detection by moving the botnets' command-and-control module from device to device. "You almost need a Ph.D. in software engineering to address P2P botnets," Dixon added.
The FBI reported earlier this month that, as a result of its Operation Bot Roast, an ongoing and coordinated initiative to disrupt and dismantle bot herders, law enforcement had identified about 1 million computers across the country that have been compromised. Homeland Security's hope is that legal experts and law enforcement officials will learn from each other with the ultimate goal of catching and punishing cybercriminals.
By pulling together the administrators, consultants, and law enforcement officials who detect and investigate security threats, Homeland Security wants to develop a forum for them to communicate face to face and exchange ideas and concerns. For last year's conference, Internet service providers were invited because "all of us have to use ISPs to get access to the information" required to track down the sources of cybercrime, Dixon said. The prosecutors invited to this year's conference will close the law enforcement cycle to ensure that these legal pros have the evidence they need to charge cybercriminals and make those charges stick.
This year's conference couldn't come soon enough. The U.S. Government Accountability Office earlier this week issued a report blasting Homeland Security for continuing to have deficiencies in its information security program that contribute to significant weaknesses in computer security controls that threaten the confidentiality, integrity, and availability of key departmental information and information systems. A congressional hearing Wednesday revealed that Homeland Security suffered 844 "cybersecurity incidents" during fiscal 2005 and 2006.
IT's Reputation: What the Data SaysInformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business really views IT's performance in delivering services - and, more important, powering innovation. Our results suggest IT leaders should worry less about whether they're getting enough resources and more about the relationships they have with business unit peers.
What The Business Really Thinks Of IT: 3 Hard TruthsThey say perception is reality. If so, many in-house IT departments have reason to worry. InformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business views IT's performance in delivering services - and, more important, powering innovation. The news isn't great.
InformationWeek Must Reads Oct. 21, 2014InformationWeek's new Must Reads is a compendium of our best recent coverage of digital strategy. Learn why you should learn to embrace DevOps, how to avoid roadblocks for digital projects, what the five steps to API management are, and more.