Cybercrime getting the attention of DHS

Cybercrime is emerging as the leading IT threat, public and private-sector security experts said Thursday at a summit hosted by in Washington.

'At the moment, that is the area of greatest interest,' said Amit Yoran, head of the Homeland Security Department's cyber security directorate.

Crime now ranks above the threat of cyberterrorism on the DHS radar screen. Market forces are seen as the driving force behind this development, and DHS also is relying largely on market forces to combat it.

'We're trying to energize the market to focus on security,' Yoran said.

Yoran's assessment matched that of the private sector. John Watters, CEO of iDefense Inc., said electronic criminal activity threatens to become a 'perfect storm.' The criminals are strongly motivated by money, well-organized and have acquired high levels of skill.

'If there is money available, there are going to be people trying to get it,' Watters said.

Watters said nations are incorporating information operations into their military strategies'in plain terms, they are learning to hack their enemies.

But it is difficult to assess the level of activity because it often is masked by the activity of traditional rogue hackers. Cyberterrorists are highly motivated, but have not yet developed the level of organization or the skills necessary to carry out serious attacks.

'Their likelihood of success is very low,' Watters said. 'The level of talent we are seeing is relatively low.'

But Watters said there is a danger that advances in exploitation of IT vulnerabilities by criminal organizations will be adopted by nations and terrorists.

The development of wholesale markets for stolen data, such as credit card information, is driving organized criminal activity online.

Many analysts believe outbreaks of malicious code in the last year may be directly related to criminal activity, as groups work to create networks of compromised computers to distribute more malicious code and harvest information.

Yoran said that better software quality and assurance is necessary to prevent these attacks. But he steered clear of suggestions that government regulation or product liability should be used to spur improved software development.

'There is nothing pending,' he said of regulations. 'We're not ruling anything out, but it shouldn't be the first tool we bring to bear. I believe that meaningful progress can be made more quickly by adoption of automated tools and better practices' for software development.

About the Author

William Jackson is a Maryland-based freelance writer.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected