[ISN] U.S. Backing for Guidelines on Fighting Cybercrime

From: InfoSec News (isnat_private)
Date: Thu Feb 14 2002 - 01:40:13 PST

    Forwarded from: sscaletat_private
    
    http://www.nytimes.com/2002/02/12/technology/12CYBE.html?ex=1014550854&ei=1&en=9b30c31569228713
    
    February 12, 2002
    By BARNABY J. FEDER
    
    The first guidelines for responding to attacks on computer systems to
    be endorsed by both the F.B.I. and the Secret Service, the main
    Federal agencies fighting such crimes, were published yesterday.
    
    The guidelines were drafted by government and private security experts
    brought together by CIO magazine, a trade publication for information
    technology executives.
    
    The guidance comes at a time when the number of both government and
    private organizations trying to track and fight electronic crimes has
    been expanding, partly in response to Sept. 11. But experts say many
    businesses continue to be reluctant to provide law enforcement
    officials with enough information to pursue cybercriminals. Companies
    often fear that they will lose business if security breaches become
    public or that they will become the target of revenge attacks.
    
    "People are very fearful of all the publicity that surrounds going
    after someone and convicting them," said Bruce Schneier, chief
    technology officer of Counterpane, a computer security company based
    in Cupertino, Calif.
    
    Such fears can be overcome in many cases, said Ronald L. Dick, the
    F.B.I. official who heads the government's National Infrastructure
    Protection Center. "They'll share information with us every time if
    they have an inkling we can prosecute successfully," Mr. Dick said.  
    Still, he said, the new guidelines should help fight fears that the
    government agencies would respond to intrusion reports "by seizing
    your server and putting yellow tape around it."
    
    The 12-page CIO guidelines provide complete contact information for
    businesses to report intrusions to public authorities and various
    information-sharing partnerships like the 65 InfraGard chapters the
    F.B.I. has helped set up around the nation. They also outline
    practices that the F.B.I. and Secret Service advocate, like developing
    relationships with electronic crimes experts at the agencies ahead of
    time so that managers have a personal contact to take their call.
    
    The guidelines advise against reporting minor intrusions, like the
    efforts of outsiders to scan corporate systems for ways to penetrate
    them. Such probes can occur hundreds or even thousands of times a month
    at a major company. While such information could be useful in theory,
    the guidelines say, it would swamp the current data systems of
    clearinghouses like the National Infrastructure Protection Center or
    the Internet Storm Center, which is operated by the SANS Institute, an
    international research organization for security experts.
    
    Breaches of computer defenses by worms, viruses, hacks and other
    intrusions that cause damage are another matter. Law enforcement
    officials need all the help they can get in catching up with such
    activity, said Bruce A. Townsend, special agent in charge of the
    Secret Service's financial crimes division.
    
    "This is constantly evolving, unlike something like drug trafficking,"  
    Mr. Townsend said.
    
    Most experts say cybercrimes cost billions of dollars annually. Last
    year, only 36 percent of those who experienced intrusions reported
    them to authorities, according to an annual survey by the Computer
    Security Institute and the San Francisco office of the F.B.I.
    
    Mr. Townsend said the major part of the guidelines was not the
    standardized form for reporting intrusions but the emphasis on
    planning ahead. Some experts argue though that few companies will do
    an adequate job in that regard unless forced to by regulatory
    authorities.
    
    "We need metrics of how prepared people are for cyberattacks and
    provisions like the Securities and Exchange Commission required for
    Y2K for corporate disclosure," said Harris N. Miller, president of the
    Information Technology Association of America, a trade group that has
    participated in organizing information-sharing groups on security
    matters.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    


