Increase in cyberthreats spurs feds, industry

Increase in cyberthreats spurs feds, industry
Increase in cyberthreats spurs feds, industry 

By Wilson P. Dizard III
Federal Computer Week
June 27, 2007

ORLANDO, Fla. -- A reinforced cadre of federal cybercrime prosecutors 
and technicians at the third annual GFirst conference marshaled new 
deterrents and defenses against the rising level of cyberattacks, as 
industry executives forecast increases in the market for security 

More than 550 people from about 70 organizations attended the 
conference, including dozens from the Justice Departments Computer 
Hacking and Intellectual Property Coordinators Conference. The CHIPS 
attendees convened several closed meetings to discuss investigative and 
legal strategies against cybercrime.

CHIPS has grown from five prosecutors in 1991 to more than 240 DOJ 
attorneys, including two prosecutors in each regional office and a 
headquarters team in Washington, officials said. CHIPS members provide 
technical and legal support to other prosecutors and Justice officials.

Greg Garcia, the Homeland Security Departments assistant secretary for 
cybersecurity and communications, said his organization had received 
more than 21,000 reports of cyber incidents through May during this 
fiscal year, in contrast to about 24,000 during all of 2006.

Phishing attacks accounted for about 72 percent of complaints in the 
most recent quarter, Garcia said in his opening remarks.

He highlighted the importance of the sector-specific infrastructure 
protection plans that DHS released in May. Adding operational content to 
those plans is a major department goal for the rest of this year and 
beyond, he added.

DHS worked with infrastructure-sector teams known as Information Sharing 
and Analysis Councils (ISACs) to frame the plans.

Speaking during a subsequent panel alongside leaders of the Information 
Technology and Communications ISACs, Garcia said he and his industry 
peers would work during the coming months to combine operational 
functions of the two industry groups.

Increasingly we are finding that IT and communications are one and the 
same, Garcia said.

We are working with the IT ISAC [and its communications counterpart] to 
co-locate them under one roof to increase the level of integration and 
situational awareness, Garcia said. This is a longer-term objective of 
mine and one we are getting started on right now.

The IT ISAC recently convened the first meeting of a horizontal national 
computer infrastructure working group that attracted participation from 
representatives of several other infrastructure sectors, said Guy 
Copeland, president of the IT ISAC.

That working groups initial meeting last month drew more than 40 
attendees, and more are expected to attend future meetings, Copeland 
said. He also works as vice president for Information Infrastructure 
Advisory Programs at Computer Sciences Corp.

The first step [for the horizontal IT ISAC working group] will be to 
look for commonly shared IT issues across the various infrastructure 
sectors, Copeland said.

IT security industry executives at the concurrent security product 
exposition agreed that the market for their products is booming.

With security products, you expect attention from early adopters such as 
the federal government and the financial industry, said Joshua Shaul, 
director of systems engineering at Application Security, a software 
vendor. Now, there is increased attention from the manufacturing, retail 
and other sectors.

Other vendor executives cited increased security threats from factors 
such as botnets as drivers of market growth in the government and 
private sectors.

In a separate, private interview, Garcia cited the role of botnets 
during recent cyberattacks on Estonian government and commercial sites. 
He noted that although Estonian government officials charged that the 
attacks were orchestrated by the Kremlin, the North Atlantic Treaty 
Organization had not characterized them as an act of war.

In botnet incidents, Garcia said, attribution is really difficult. 
Before you declare war you have to know who the enemy is.

That is what makes the botnet challenge so vexing, Garcia continued. It 
is very difficult to trace back to the botnet herder. We have working 
group within the National Cyber Response Coordination Group working to 
understand botnets better, to deal with them and stop them.

Garcia said his office had assigned a technical support official to work 
in Estonia for several days to assist technicians in that NATO member 

Additional sessions at the conference focused on detailed legal and 
technical approaches to analyzing and prosecuting cyber crimes, among 
other topics.

GFirst is an acronym for Government Forum of Incident Response and 
Security Teams.

Attend Black Hat USA, July 28-August 2 in Las Vegas, 
the world's premier technical event for ICT security 
experts. Featuring 30 hands-on training courses and 
90 Briefings presentations with lots of new content 
and new tools. Network with 4,000 delegates from 
70 nations.   Visit product displays by 30 top
sponsors in a relaxed setting. Rates increase on 
June 1 so register today. 

Site design & layout copyright © 1986-2014 CodeGods