[This is very similar to what Janet Reno used to say. About the only
thing missing is a complaint about encryption
(http://www.politechbot.com/p-00517.html). --Declan]
http://www.usdoj.gov/criminal/cybercrime/AGCPPSI.htm
REMARKS OF ATTORNEY GENERAL JOHN ASHCROFT
FIRST ANNUAL COMPUTER PRIVACY, POLICY & SECURITY INSTITUTE
May 22, 2001
_________________________________________________________________
Good afternoon. It is a pleasure for me to speak with you, and I am
grateful to Senator Conrad Burns and to Rocky Mountain College for
their kind invitation.
The concerns that bring you to this Institute - computer security and
threats to information assets - are of central importance to us all. A
few years ago, these conferences were quite rare. "Worms" and
"viruses" were described in biology textbooks, not police reports.
Today terms like these bring to mind crashed networks, massive
disruptions in communications and infrastructure systems, and billions
of dollars in damages.
Like revolutionary technologies before it, the Internet carries
enormous potential both for advancement and for abuse.
Attacks on networks, frauds, software piracy, corporate espionage, and
trafficking in child pornography are just some of the crimes
facilitated by the Internet. The Department of Justice is committed to
fighting these crimes, and I am here to ask for your partnership.
Without your leadership, without your help, and without our collective
efforts, the Department's mission - to make our country a safer and
more secure place for all Americans - can not be fulfilled.
Although there are no exact figures on the costs of cybercrime in
America, estimates run into the billions of dollars each year. And
unlike more traditional crimes, cybercrime is especially difficult to
investigate.
First, the Internet can provide anonymity. On the Internet, it is easy
for a criminal to create a fictitious identity to perpetrate frauds,
extortions, and other crimes. Since many computer crimes - such as
trading pirated software or child pornography - can be committed
entirely on-line, this anonymity can significantly complicate an
investigation.
Second, compounding these difficulties is the Internet's borderless
nature. A criminal anywhere in the world armed with nothing more than
a personal computer connected to a modem can victimize individuals and
businesses worldwide.
Third, the tremendous power of today's computers makes it possible for
a single cybercriminal to do a staggering amount of damage - damage
far beyond what a single person could typically do in the traditional
criminal world. For example, a sophisticated cybercriminal can release
a virus or launch a denial of service attack affecting hundreds of
thousands of computer users or critical infrastructures like power
grids.
But we are not just faced with technical challenges. Even if we could
master all the technology, the human dimension of cybercrime presents
its own unique challenges. Sadly, there is a common misperception
among many - especially many young people - that crimes committed
on-line are not as serious as more traditional crimes.
The Department of Justice is doing everything it can to address these
challenges.
First, we have dramatically increased our training of prosecutors and
agents in this area. The Department has a specific section of the
criminal division - the Computer Crime and Intellectual Property
Section - devoted to combating cybercrime.
In addition, the FBI has created Computer Crime Squads in 16
metropolitan areas around the country specifically to investigate
cybercrime.
In Washington, the FBI's National Infrastructure Protection center
acts as a clearinghouse for information and expertise relating to
cybercrime. And each federal judicial district - including the
District of Montana - has at least one Assistant United States
Attorney, a Computer and Telecommunications Crime Coordinator, who
has received special training in how to investigate and prosecute
cybercrime.
Second, we have worked with our partners in foreign law enforcement
to address the internationalization of cybercrime. Partnerships
such as the Group of Eight industrial nations and the Council of
Europe have provided us with the means for discussing and
developing better ways to investigate cybercrime which crosses
borders.
Third, through the FBI, we have sponsored the InfraGard program, a
unique partnership between the Department of Justice, businesses,
academic institutions, and state and local law enforcement
agencies, dedicated to increasing the security of the United
States' critical infrastructures.
Fourth, the Department of Justice also reaches out to young people
through programs like the Cybercitizen Partnership, our partnership
with the Information Technology Assocation of America Foundation to
teach young people the right ways to use the Internet.
Last and perhaps most directly, we are putting cybercriminals in
jail. The arrest and guilty plea of both the author of the Melissa
virus in the United States and "MafiaBoy" in Canada demonstrate our
ability to solve cybercrime - even when it occurs on a massive
scale or comes from outside our borders.
No matter how hard we work in the Department of Justice, we cannot
solve this problem alone. For all our success in prosecuting the
cybercrime we know about, we know that much more goes totally
unreported. And this is where we need your help.
Our experience tells us that when a bank is robbed, bank officials
call the police. But when valuable commercial information is stolen
from computers, only rarely do the victims report this to law
enforcement. Why? It could be for a number of reasons. We know from
speaking with business managers that they are often embarrassed.
Their computers - which they thought were secure - were not so
secure after all. They fear customer mistrust and competitive
disadvantage. And they are afraid that an investigation will
disrupt their business.
We know that a company that does not report cybercrime to law
enforcement may find itself in a far worse position than it ever
imagined. A company that does not report crime leaves the criminal
free to strike again. If a computer hacker has broken into your
network and has stolen credit card numbers from your databases or
has stolen valuable intellectual property, he may also have created
a new backdoor to your network to use if you bar his original path.
Not reporting the cyber crime also creates incentives for repeat
attacks against you. Cybercriminals talk to each other and when you
don't report, you are viewed by this community as an easy victim. I
would urge you to recognize that when you report incidents of
cybercrime, you are not just doing the right thing for the
community - you are also doing something clearly in your own
interest.
Our experience with good corporate citizens that do report crime
has been excellent. As a result of cooperation with industry, we
recently arrested suspects in extortion and computer intrusions
directed against Michael Bloomberg and his company by individuals
in Kazakhstan; damage to GTE's computers caused by a disgruntled
employee; and a shill bidding art fraud run on e-Bay. In large
measure, these success stories depended on the timely reporting of
the events by the victims.
As we work to make the remarkable technology of the Internet a
positive force for all Americans, and as we enter a new era in law
enforcement, the future success stories belong to you. I urge you
to be leaders in this field, and I look forward to working with
you.
Thank you.
###
-------------------------------------------------------------------------
POLITECH -- Declan McCullagh's politics and technology mailing list
You may redistribute this message freely if it remains intact.
To subscribe, visit http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
-------------------------------------------------------------------------
Received on May 23 2001
Intro
