Collaboration Helps Nab Cybercriminals - InformationWeek

Collaboration Helps Nab Cybercriminals

Victimized businesses need to fess up to law-enforcement agencies.

The quick arrests of two of the people allegedly involved in the Zotob and Mytob worms show how international coordination is crucial to curbing Internet-related crimes. The FBI says it worked with Turkish and Moroccan law-enforcement agencies and Microsoft in tracking down the suspects, and the collaboration also aided in the identification of another 15 possible suspects.

Louis Reigel, assistant director of the FBI's cyber division, told attendees at last week's High-Technology Crime Investigation Association conference in Monterey, Calif., that the bureau has been collaborating at a record pace. It recently worked with British authorities to bust a denial-of-service attack ring, and it helped Nigerian officials prosecute a group of online fraudsters for crimes committed in the United States.

But much more collaboration is needed to put a significant dent in cybercrimes, and businesses need a wake-up call. The FBI believes that only about 30% of companies that have had their networks hacked report those incidents to law-enforcement agencies. "If they don't come forward, the likelihood of law enforcement getting that information is dwarfed," Reigel says.

Victimized companies often fear any publicity that makes them look vulnerable. But it's likely the real damage will come from not reporting incidents, says Christopher Painter, deputy chief of the computer crimes and intellectual-property section at the U.S. Department of Justice. "Why not attack the system again and again?" Painter asks. "There's too much of a perception in [the hacker] community that there aren't consequences. Our job is to make sure there are consequences."

Collaboration helped catch cybercriminals in Nigeria and Britain, the FBI's Reigel says.

Santa Clara University in California is doing its part, having turned to law enforcement a couple of times following recent hacks, says CIO Ron Danielson, who wouldn't elaborate on the nature of the attacks. A lot of cybercrime could be eliminated if software vendors placed security higher on their list of product-development priorities, Danielson says. "Using secure software is a security measure," he says.

Hackers present a huge concern for the school, considering the recent thefts of student information from several universities. Preventive steps taken by the university include pushing operating-system patches to users, since alerts to download updates are often ignored, and implementing bandwidth-monitoring technology in its network switches that will flag suspicious high-bandwidth activity, such as using a system for distribution of a virus.

Meanwhile, technologies used in prosecutions, such as software that can recover files that have been deleted, may begin to play a bigger role. The National Institute of Standards and Technology for the last few years has been testing those technologies to verify they're reliable. But the time it takes to define the required capabilities and test the technologies--as much as a year--is a problem. Susan Ballou, program manager and forensic scientist for the institute's Office of Law Enforcement Standards, says the group is working to speed the process, so that the technology doesn't become outdated before it's useful. "We're too slow," she admits.

But let's face it: Criminals also are getting more effective with their technologies. They're creating software that advances the art of cracking passwords, hijacking browsers, cracking Secure Sockets Layer encryption, and keystroke logging, says Laura Chappell, founder of the Protocol Analysis Institute, who hosted a session during last week's conference. As one unsettling example, Chappell told attendees that she used an instant-messaging sniffing tool to easily listen in on private after-hours conversations among conference attendees.
