[ISN] FBI's Cyber-Crime Chief Relates Struggle for Top Talent

From: InfoSec News (isn@private)
Date: Wed Dec 01 2004 - 03:10:34 PST


http://www.eweek.com/article2/0,1759,1733838,00.asp

By Ryan Naraine 
November 30, 2004

The FBI's inability to recruit and keep the best available IT talent
has proven to be one of the biggest challenges facing the government's
Internet Crime Complaint Center (I3C), a senior official said Tuesday.

Delivering the keynote address on the opening day of Ziff Davis
Media's Security Virtual Tradeshow, I3C chief Daniel Larkin said the
center's staffing problems underline the need for deeper cooperation
between the FBI and the IT industry to win the battle against
sophisticated cyber-criminals.

"We can't recruit and keep the best available minds in the IT world.  
They come, stay a few years and move on because, ultimately, we can't
pay what the industry pays for talent," Larkin said, adding that the
bureau also has experienced difficulties with keeping pace with
employees' training needs.

Because of those shortcomings, Larkin said, the I3C spent the past
four years forging partnerships with the biggest names in the tech
industry to share expertise, coordinate on intelligence and develop
best practices and protocols for fighting cyber-crime.

He said the unit has come a long way since its creation in 2000 as the
Internet Fraud Complaint Center (IFCC). Originally formed as
partnership between the FBI and the National White Collar Crime Center
(NW3C) to fight online fraud, Larkin said the unit had to evolve to
keep up with the rapidly changing face of crime on the Internet.

The I3C now tackles a range of criminal schemes on the Internet,
including spam, phishing, spoofed or hijacked bank accounts,
international reshipping schemes with origins in West Africa,
cyber-extortion, computer intrusions and economic espionage.

Larkin discussed several major highlights over the years, including
"Operation Web Snare" in August, which led to the arrests or
convictions of more than 150 individuals and the return of 117
criminal complaints and indictments.

Operation Web Snare was a collaborative effort that included work by
36 U.S. Attorney's offices nationwide, the criminal division of the
Department of Justice, 37 of the FBI's 56 field divisions, 13 of the
Postal Inspection Service's 18 field divisions, and the Federal Trade
Commission, together with a variety of other federal, state, local and
foreign law enforcement agencies.

Larkin outlined the need to develop new training capabilities to keep
up with online scammers who use multiple techniques to hoodwink
Internet users into giving up sensitive personal data.

"We can use individuals from academia and the tech industry to
cross-pollinate resources and feed that to our cyber forensics labs to
help build strong cases," he said.

"The cycling of new resources into a project brings fresh minds and
fresh tactics. That's much more desirable than someone who had been
engaged for a few years," he added.

"Originally, we were trying to create the mother of all databases to
deal with online fraud. But with our staffing problems, we decided it
was better to let the industry leaders do that," Larkin said, adding
that the I3C now uses a simple, uniformed format for data collection
that allows a high level of collaboration.

"We act as a bridge between the industry groups and the task forces
working the cases. We'll partner with all sides to ensure that
information is flowing smoothly," he said.

-=-

Editor's Note: The Ziff Davis Media Security Virtual Tradeshow is run
by eSeminars, a division of Ziff Davis Media, parent company of
eWEEK.com.



_________________________________________
Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/



This archive was generated by hypermail 2.1.3 : Wed Dec 01 2004 - 14:07:40 PST