http://www.wired.com/news/politics/0,1283,43451,00.html By Ryan Sager 2:00 a.m. May. 1, 2001 PDT WASHINGTON -- When U.S. and international police gathered Monday for a cybercrime summit, they spent almost as much time complaining about unhelpful businesses as malicious hackers. David Townsend, a member of the FBI's technology task force, chastised corporations for under-reporting intrusions. "There are some big players with a significant interest in keeping their problems quiet," Townsend told the National Institute for Government Innovation's second cybercrime summit. Townsend said managers believe that admitting to a hack could hurt public perception, even driving stock prices down. (He quipped that tech shares had little room left to fall.) Kevin Mandia, director of computer forensics at Foundstone, said that out of 11 recent hacking incidents he handled, not one company decided to involve law enforcement. Robert McKoskey of MBNA, the United States' largest credit card firm, said: "Why would I even want to deal with law enforcement? I might even have some leverage with my bad guy if I don't prosecute." Another complaint: Judges aren't nearly strict enough, especially with juvenile hackers who run afoul of the law. Mike Clark, a defense attorney with Hamel, Bowers & Clark, said: "Judges give (hackers) very low sentences -- typically no more than 4 to 11 months." While the U.S. Sentencing Commission is scheduled to send new guidelines dealing with cybercrime to Congress on Tuesday -- essentially tripling sentences for fraud -- they may have little impact. Clark said judges use the current guidelines as "downward points of departure," meaning they tend to give lighter sentences than prescribed, on the assumption that malicious hackers are non-violent and don't belong behind bars. During a luncheon address, James Perry of Scotland Yard offered an international perspective that echoed the FBI's comments. "People talk too glibly about how public and private entities have to work in partnership," Perry said. "We have to acknowledge that there are problems." "We need some international agreements to move things along," Perry said, talking about the controversial cybercrime treaty being drafted by the United States and Council of Europe nations. Last week, an Estonian socialist said the treaty should ban "hateful" Web pages -- which would run afoul of the First Amendment in the United States. ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERVat_private with a message body of "SIGNOFF ISN".
This archive was generated by hypermail 2b30 : Wed May 02 2001 - 01:49:10 PDT