Law enforcement at disadvantage in war on cybercrime
Better information sharing, better information are keys to combating cybercrime wave
The two things law enforcement and government need to combat the epidemic of cybercrime is better information sharing and better information to share, a panel of security experts on Capitol Hill concluded Monday.
The panel was put together by the Advisory Committee to the Congressional Internet Caucus to discuss cybersecurity threat assessment. The picture they painted was a familiar one of increasingly sophisticated online criminals responsible for a global crime wave that law enforcement has neither the technical nor legal resources to combat.
'Information sharing is one of the keys to solving this problem,' said Gary Warner, of the computer and information sciences department of the University of Alabama at Birmingham.
Warner said that when some banks began sharing lists of compromised IP addresses to compare with fraudulent account activity, they were able to prevent some losses. But that kind of cooperation still is not common, especially in government, said Keith Rhodes of the Government Accountability Office's Center for Technology and Engineering.
'Unfortunately, there is a lot of talk about information sharing' in government, but not much action, Rhodes said.
Many agency managers do not want to report or acknowledge problems, and the result is that common problems crop up repeatedly in networks. This shows up in GAO's penetration tests of those networks, Rhodes said.
'They never stop us,' he said. 'We always get in, they never see us and they never react properly.'
Law enforcement agencies generally do not have the level of technical expertise available to cybercriminals, said Gregory Crabb of the U.S. Postal Inspection Unit's global cyberinvestigations unit. This makes it difficult to get an adequate return on the time and effort invested in investigation of computer crime. More research and training for investigators are needed, he said.
The Postal Inspection Service is doing its part toward this by participating, along with the FBI and state and local law enforcement agencies, in the National Computer Forensics and Training Alliance. The alliance offers a confidential forum for sharing information by agencies and with the private sector. The service has invested $850,000 in a NCFTA training center.
'That's a major investment, because the Postal Inspection Service doesn't get funding from Congress,' Crabb said.
Rhodes said government also needs to do a better job on its own cybersecurity.
'The government has to get its house in order' and provide a practical example as well as mandates and regulation to be a responsible partner in the public-private partnership necessary to secure cyberspace, he said. 'I don't see anyone in government being held accountable for their security' until a lapse makes front-page news. 'And that's not being held accountable. That's just being embarrassed.'