Government Computer News
Feds want help from private sector on IT security
LAS VEGAS—For a decade federal law enforcement officials have been preaching the gospel of private-sector cooperation. The need for cooperation has long been obvious, but an FBI official told a gathering of computer security experts and hackers that the government is getting serious about the effort.
Digg
De.licio.us
Slashdot
Technorati
“Critical information about terrorism and other cybercrimes we are working on often resides with you folks, and will come to you first,” Dan Larkin, a unit chief of the FBI’s Internet Crime Complaint Center, said Wednesday at the opening of the Black Hat Briefings security conference.
But gaining the trust of the private sector has been difficult, and a good part of that problem has been the government’s failures to follow through in using data it collects and to accommodate the private sector’s needs.
An academic study on the use of the Internet to investigate organized crime, commissioned by the FBI in 1999, identified two channels of funding used by al-Qaeda in planning the Sept. 11, 2001, attacks on the United States. When that was realized, a light went on in the bureau, according to Larkin.
“We need to go after these partnerships more aggressively,” he said.
The stakes in this game of cat and mouse between law enforcement and cybercriminals are getting higher.
“Spam and cybercrime are really about the money,” Larkin said. “It’s not just the script kiddies any more. There are people making a lot of money out there.”
Security experts have been noting the commercialization of malicious code for several years now as a sophisticated black market in malware has changed the goal of hacking from bragging rights to financial gain.
Unreported vulnerabilities are auctioned off in this online marketplace and exploits are packaged into retail toolkits that can be used to snare potentially valuable information.
Finjan Inc. of Santa Clara, Calif., reported in a quarterly study of threat trends that new exploits are focusing on active content used on Web sites. These can perform stealthy attacks that maintain a steady leak of data from unsuspecting victims.
![1105 Government Information Group [happiness]](/images/1105logo_website.gif "Government Computer News [happiness]")
© 1996-2008 1105 Media, Inc. All Rights Reserved.
