[ISN] U.S. Still not prepared for cybercrime

From: mea culpa (jerichoat_private)
Date: Thu Aug 13 1998 - 00:37:29 PDT

  • Next message: mea culpa: "[ISN] Sendmail posts fix for email glitch"

    Forwarded From: William Knowles <erehwonat_private>
    
    CHICAGO (ZDNet) [8.10.98] - The back-alley talk was gloomy here at the
    13th Annual International Symposium on Criminal Justice Issues. 
    
    The upshot: It's going to take a major high-tech disaster to shake up
    corporate and government officials enough to work together in fighting
    high-tech crime. 
     
    Back-alley discussions form an expected part of any conference with
    representatives from the major three-letter government groups, and the
    Symposium, which ended Friday, didn't disappoint. Hosted by the University
    of Illinois at Chicago, it featured meetings between officials from the
    FBI, CIA, DOD and NSA with law-enforcement and industry-security
    representatives. The main topic: Issues in investigating high-tech crime,
    preventing cyber-terrorism and protecting against information warfare. 
     
    While the public seminars offered hope to cops playing catch-up in
    technology and to prosecutors with loads of cases that they, frequently,
    are not sure how to prosecute, the back-alley talk came to a different
    conclusion. 
     
    Follow the money
    
    A major problem is corporate reluctance to report computer problems,
    leaving others open to the same problems. 
     
    One DOD official pointed a finger directly at banks, and their secrecy. 
     
    "You cannot convince me that there is not a conspiracy in the financial
    community not to report (computer security problems),"  said Jim Christy,
    assistance secretary of defense for Command, Control, Communications and
    Intelligence (ASDC3I). 
     
    Christy cited a survey of Fortune 1000 companies that found that 94
    percent of surveyed firms did not have the in-house expertise to respond
    to a critical computer emergency. Of the firms that answered the survey,
    58 percent, or 411, detected computer security incidents, but only four of
    the incidents were reported. 
     
    According to Christy, not one financial company revealed whether it had
    had a security problem in the last 12 months -- they just X-ed out the
    question. Despite the fact that reporting security break-ins is mandatory
    for banks with federal insurance, few actually want to make their problems
    public. Such a visible airing of their security holes could cause
    customers to lose confidence and abandon ship. 
     
    "It's a risk for them," said Doris Gardner, a representative of the FBI's
    just-established National Infrastructure Protection Center. "Should they
    admit they have been hacked or hush up the problem?" 
     
    Whose bailiwick?
    
    To make matters worse, law enforcement officials seem poised to fight over
    who has jurisdiction in cyberspace. 
     
    Because the Internet crosses state boundaries, the FBI has been quick --
    after an initial slow start -- to assert its jurisdiction over
    cyber-crimes. But now state and local police look like they're ready to
    take issue with the FBI. 
     
    "If someone in [the neighborhood] has a computer problem, their first
    notion is to go the local police -- that's me," said a Chicago police
    officer at the conference, who asked not to be named. "They don't want to
    deal with the FBI." 
     
    Another problem: Despite the fact that only about one in 20 cases of
    computer break-ins are reported, the FBI is quickly becoming swamped.
    According to the NICP's Gardner, the new FBI organization has more than
    500 cases of computer crime pending, up 130 percent from 1996. If more
    cases of break-ins are detected and reported, the FBI might have too much
    to handle at once. 
     
    Not just the U.S.  
    
    This spells serious trouble for the United States.  Because the United
    States depends on the Internet and computer more than any other country,
    it's the country most at risk. 
     
    Yet, other nations -- including Israel, Canada, France, and Germany -- had
    representative looking to learn from the States' problems. 
     
    The problems have even reached the hinterlands of the Internet.  Five
    officers from the Botswana police department had made the trek to Chicago
    for the conference. 
     
    "We have had many problems with banks and computer crime," said Officer
    Tabathu Mulale. 
     
    At least in Botswana, their banks know they have problems. 
    
    
    -o-
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: New Dimensions International [www.newdimensions.net]
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:00:50 PDT