Originally Published: Wednesday, 26 January 2000 Author: Derrick H. Lewis
Published to: news_enhance_security/Security News Page: 1/1 - [Std View]

Cybercrime Fighters Face Obstacles.

[CC] In their efforts to combat criminal activity online, federal, state and local agencies charged with implementing cyber crime detection and prosecution programs are presented with the same quandary: That the growing threat posed by cyber crime is neither federal nor local in scope.

Cybercrime Fighters Face Obstacles By Brian Krebs, Newsbytes. January 26, 2000

In their efforts to combat criminal activity online, federal, state and local agencies charged with implementing cyber crime detection and prosecution programs are presented with the same quandary: That the growing threat posed by cyber crime is neither federal nor local in scope. At the Institute for International Research's (IIR) national summit on "cyber crime", state and local law enforcement and representatives from numerous federal agencies met today to discuss methods of combating computer crime. Perhaps the one consensus that emerged from the first day of discussions is that there are no solutions that work across-the-board. "In a very real sense, this is a problem that is all out of proportion to what states and local governments are used to handling," said cyber crime attorney Dan J. Ryan. "And on the federal level, you're talking about efforts to impose a legal framework that stretch across national borders," Ryan said. Many state and local governments are just beginning to accept the notion that cyber crime - whether in the form of fraud, hacker attacks, or traffic in child pornography - is a very real and present threat. The problem is confounded by the fact that the vast majority of companies doing business online shy away from reporting security intrusions, fraud or theft for fear of losing business and consumer confidence. "Companies don't want to admit they've got a problem for fear they'll just be sending a red flag to other hackers out there," said Tom Lambert, Virginia's assistant attorney general and director of the state's computer crime unit. Consequently, he said, most states don't have a clear picture of the true scope of cyber crime activity. A recent study revealed that 65 percent of companies polled in 1998 reported security breeches resulting in total losses of more than $136 million. NIPC officials estimated that many companies significantly underreport such breeches, saying estimates of total losses could actually be as high as $3 billion each year. At the state level, there are few locales in which cyber crime is a greater threat than in the Commonwealth of Virginia. The state is home to several Internet and communications giants - including America Online (AOL) and MCI's UUNET backbone - that together accommodate more than 60 percent of the world's Internet connectivity and e-commerce platforms.   Lambert said the state recognizes the need to work with private corporations in fighting cyber crime, as evidenced by its agreement with AOL to address the much less serious but equally pervasive problem of unsolicited e-mail advertising, better known as "spam." He added that the Virginia General Assembly recently bypassed its usual appropriations process to outright fund a cyber crime unit. But, Lambert said, working with other states in cyber crime prevention and prosecution often results in heated jurisdictional wrangling. Citing the spam example, Lambert said in many states spamming is a misdemeanor, while other states have no such laws on the matter. "I think there are quite a few turf battles out there on many of these issues, especially since many states have different laws - if any - as to how cyber crimes should be handled," Lambert said. He said that Virginia is currently working to amend its own fraud and abuse laws to include a wide range of cyber crime violations. Karl A. Seger, president of Associated Corporate Consultants, said cyber criminals have a much easier time inflicting damage than they did just ten years ago. The near ubiquitous sources of Internet access and dowloadable tools, he said, have made cyber crime a much more attractive occupation to even the casual "cracker."   "Crackers can now simply go to a Web page on the Internet and download viruses and other mischief-making tools," he said. "These days, being a hacker doesn't require a whole lot of technical knowledge or sophistication." The strategic threat posed by hackers and cyber terrorists is one the Federal Government is taking very seriously. President Clinton recently proposed a $2 billion plan to combat computer terrorism and protect  computers used to support vital infrastructures, including communications, banking and finance, energy, and transportation. The government agency leading that charge is the National Infrastructure Protection Center (NIPC). At today's meeting, NIPC Deputy Director Ron Dick said his organization is primarily oriented to address cyber crime on three levels: Industrial espionage, so-called "hacktivists," and foreign entities that would seek to exploit weaknesses in US security systems to wage information warfare.   So far, Dick said, the majority of cyber crime and hacker intrusions come from US citizens and former disgruntled employees. But, he said, an increased awareness of the interdependence of critical infrastructures and their pivotal importance to the health of the country's economy has propelled the nation's law enforcement agencies to prosecute cyber crime more aggressively. Even so, said Ryan, computer crime is a global problem that can only be addressed in terms of regional cooperation. US attempts to draft laws to legislate the issue on an international level, however, are likely to be met with a great deal of resistance, he said. "Issues of adjudication and enforcement aside, the US would be attempting to regulate this new place by trying to enforce moral standards," Ryan said. Ryan said he believes the world's economies will more likely coalesce into "cyber-political" units to combat Internet crime. As the Internet lowers more barriers to free trade and nations become more connected electronically, he said, governments halfway around the world working toward a single solution will be able to act as a unit in ways never before possible. "The situation we're in now kind of makes your head spin because we're fighting to keep this an open place, but at the same time we're looking outward to try to deal with other countries."