Re: [ISN] Feds pursue secrecy for corporate victims of hacking

From: InfoSec News (isnat_private)
Date: Sun Nov 03 2002 - 22:30:49 PST

  • Next message: InfoSec News: "[ISN] Open source courses through DOD"

    Forwarded from: hugginsat_private
    
    Let me see if I get this right
    
    I'm xyz bank I haven't taken the initiative to hire a security mangaer
    or have hired one but, pay them minimum, they tell me I need to fix
    security holes I say nah to expensive.  I get hacked, my user data
    base and credit card information is stolen.  Numerous account users
    identities are stolen but, because I report it to the FBI I dont need
    to disclose it to my stake holders, or customers at will.  Hmmm!
    sounds great rob me again.
    
    
    > http://www.nandotimes.com/technology/story/601028p-4652104c.html
    >
    > By TED BRIDIS, Associated Press
    >
    > WASHINGTON (October 31, 2002 6:36 p.m. EST) - Senior law enforcement
    > officials assured technology executives Thursday that government
    > will increasingly work to keep secret the names of companies that
    > become victims to major hacking crimes, along with any sensitive
    > corporate disclosures that could prove embarrassing.
    >
    > The effort, described at a cybercrime conference in northern
    > Virginia, is designed to encourage businesses to report such attacks
    > and build public confidence in Internet security. Officials promised
    > to use legal mechanisms, such as protective orders and sealed court
    > filings, to shield corporate hacking victims from bad publicity.
    >
    > "It's important for us to realize that you have certain concerns as
    > victim companies that we have to acknowledge," FBI Director Robert
    > Mueller said. He promised, for example, that FBI agents called to
    > investigate hacking crimes will arrive at offices discreetly without
    > wearing official jackets with "FBI" emblazoned on them.
    >
    > "The mere calling of us in an investigation can have an adverse
    > impact on the image of your company," said Mueller, who has made
    > cybercrime an FBI priority. In exchange for this protection, Mueller
    > said, companies should more frequently admit to the FBI when they
    > are victims of hacking. "You're not enabling us to do the job," he
    > said.
    
    [...]
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Mon Nov 04 2002 - 00:50:51 PST