Information Security News: Law enforcement at disadvantage in war on cybercrime

[InfoSec News <alerts () infosecnews org>]

http://www.gcn.com/online/vol1_no1/45285-1.html

By William Jackson
GCN 
10/22/07

The two things law enforcement and government need to combat the 
epidemic of cybercrime is better information sharing and better 
information to share, a panel of security experts on Capitol Hill 
concluded Monday.

The panel was put together by the Advisory Committee to the 
Congressional Internet Caucus to discuss cybersecurity threat 
assessment. The picture they painted was a familiar one of increasingly 
sophisticated online criminals responsible for a global crime wave that 
law enforcement has neither the technical nor legal resources to combat.

“Information sharing is one of the keys to solving this problem,” said 
Gary Warner, of the computer and information sciences department of the 
University of Alabama at Birmingham.

Warner said that when some banks began sharing lists of compromised IP 
addresses to compare with fraudulent account activity, they were able to 
prevent some losses. But that kind of cooperation still is not common, 
especially in government, said Keith Rhodes of the Government 
Accountability Office’s Center for Technology and Engineering.

“Unfortunately, there is a lot of talk about information sharing” in 
government, but not much action, Rhodes said.

Many agency managers do not want to report or acknowledge problems, and 
the result is that common problems crop up repeatedly in networks. This 
shows up in GAO’s penetration tests of those networks, Rhodes said.

“They never stop us,” he said. “We always get in, they never see us and 
they never react properly.”

Law enforcement agencies generally do not have the level of technical 
expertise available to cybercriminals, said Gregory Crabb of the U.S. 
Postal Inspection Unit’s global cyberinvestigations unit. This makes it 
difficult to get an adequate return on the time and effort invested in 
investigation of computer crime. More research and training for 
investigators are needed, he said.

The Postal Inspection Service is doing its part toward this by 
participating, along with the FBI and state and local law enforcement 
agencies, in the National Computer Forensics and Training Alliance. The 
alliance offers a confidential forum for sharing information by agencies 
and with the private sector. The service has invested $850,000 in a 
NCFTA training center.

“That’s a major investment, because the Postal Inspection Service 
doesn’t get funding from Congress,” Crabb said.

Rhodes said government also needs to do a better job on its own 
cybersecurity.

“The government has to get its house in order” and provide a practical 
example as well as mandates and regulation to be a responsible partner 
in the public-private partnership necessary to secure cyberspace, he 
said. “I don’t see anyone in government being held accountable for their 
security” until a lapse makes front-page news. “And that’s not being 
held accountable. That’s just being embarrassed.”

__________________________________________________________________      
CSI 2007 is the only conference that delivers a business-focused
overview of enterprise security. It will convene 1,500+ delegates,
80 exhibitors and features 100+ sessions/seminars providing a
roadmap for integrating policies and procedures with new tools
and techniques.  Register now for savings on conference fees   
and/or free exhibits admission. - www.csiannual.com