Cybercrime Fighters To Gather Next Week - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


Cybercrime Fighters To Gather Next Week

Law enforcement officials, including all 92 assistant U.S. attorneys, will meet to coordinate efforts against zero-day vulnerabilities and other online threats.

Although it seems as though cybercrime has been around forever, it's still a relatively new discipline that requires companies, law enforcement, and prosecutors to communicate frequently and adjust their tactics accordingly in order to catch the perps and put them away.

Hence the need for next week's third annual Government Forum of Incident Response and Security Teams Conference, where law enforcement officials at all levels will for the first time at this venue rub elbows with more than 200 attorneys and prosecutors, including all 92 assistant U.S. attorneys.

"Back when we started the conference, our focus was on information sharing at the technical level," Rob Pate, deputy director of outreach and awareness for the Homeland Security Department's National Cyber Security Division, told InformationWeek. "Now we're bringing in law enforcement and prosecutors to share our information."

Pate, who formerly served as director of strategic operations for the U.S. Computer Emergency Response Team, or US-CERT, is also the founder of Government Forum of Incident Response and Security Teams.

Communication among private-sector businesses, government, and law enforcement is especially important as zero-day vulnerabilities -- those for which there is no patch -- proliferate and attackers adopt new tactics for breaking into systems. "We have to rapidly share information about what we're seeing because cybertime moves in seconds," Jerry Dixon, director of the National Cyber Security Division, told InformationWeek.

Homeland Security is seeing a wider range of cyberthreats every month, including sophisticated click frauds that attach malware to users' PCs when they visit Web sites, centralized botnets that steal computing resources and launch additional security attacks, and peer-to-peer botnets that evade detection by moving the botnets' command-and-control module from device to device. "You almost need a Ph.D. in software engineering to address P2P botnets," Dixon added.

The FBI reported earlier this month that, as a result of its Operation Bot Roast, an ongoing and coordinated initiative to disrupt and dismantle bot herders, law enforcement had identified about 1 million computers across the country that have been compromised. Homeland Security's hope is that legal experts and law enforcement officials will learn from each other with the ultimate goal of catching and punishing cybercriminals.

By pulling together the administrators, consultants, and law enforcement officials who detect and investigate security threats, Homeland Security wants to develop a forum for them to communicate face to face and exchange ideas and concerns. For last year's conference, Internet service providers were invited because "all of us have to use ISPs to get access to the information" required to track down the sources of cybercrime, Dixon said. The prosecutors invited to this year's conference will close the law enforcement cycle to ensure that these legal pros have the evidence they need to charge cybercriminals and make those charges stick.

This year's conference couldn't come soon enough. The U.S. Government Accountability Office earlier this week issued a report blasting Homeland Security for continuing to have deficiencies in its information security program that contribute to significant weaknesses in computer security controls that threaten the confidentiality, integrity, and availability of key departmental information and information systems. A congressional hearing Wednesday revealed that Homeland Security suffered 844 "cybersecurity incidents" during fiscal 2005 and 2006.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
Study Proposes 5 Primary Traits of Innovation Leaders
Joao-Pierre S. Ruth, Senior Writer,  11/8/2019
Top-Paying U.S. Cities for Data Scientists and Data Analysts
Cynthia Harvey, Freelance Journalist, InformationWeek,  11/5/2019
10 Strategic Technology Trends for 2020
Jessica Davis, Senior Editor, Enterprise Apps,  11/1/2019
Register for InformationWeek Newsletters
Current Issue
Getting Started With Emerging Technologies
Looking to help your enterprise IT team ease the stress of putting new/emerging technologies such as AI, machine learning and IoT to work for their organizations? There are a few ways to get off on the right foot. In this report we share some expert advice on how to approach some of these seemingly daunting tech challenges.
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll