Container Top
Homes   Jobs   Cars   Shopping
Search

Events Calendar

EVENT SEARCH:

In This Section


Most Read Stories


Blogs:


Pets:
Not 101 Dalmations…but close!

The Heldenfiles:
Friday Notebook

Patrick McManamon:
For your perusal

Akron Zips:
No. 1 UA soccer remains perfect, Zips football defeats rival Flashes

Tribe Matters:
Tribe makes roster moves

Cleveland Browns:
Lewis doesn't like boycott

Kent State Sports:
Kent State falls to Akron, 20-28

Cleveland Cavaliers:
Gameblog: Cavs at Knicks

Buckeye Blogging:
Weekly ‘B’ Deck Report – New Mexico St.

Varsity Letters:
Wrestling, bowling teams prepare for season

All Da King's Men:
If It Looks Like Islamic Terrorism…

Blog of Mass Destruction:
Dems Message To Women: Don't Enjoy The Sex

Akron Law Café:
Health Care Financing Reform: (62) The Stupak Amendment

See Jane Style:
Muffle Your Muffler

Car Chase:
Perfect Weather for an Autumn Drive

Let's Talk Real Estate:
RUMORS: Downtown Restaurant Explosion

Ohio Travels with Betty:
Jack is looking for a trip to Southern Ohio the week of November 16.

Sound Check:
The Black Keys to perform benefit concert at Musica on November 27

HRLite House:
Personal Rant – Why People Do Not Live in Northeast Ohio

Akron Gamer:
New 'Call of Duty' could set entertainment record

Experts fail government on cybersecurity

Efforts criticized for deficient funds, lack of understanding of threat's size

By Ryan Blitstein
San Jose Mercury News

Published on Thursday, Dec 27, 2007

SAN JOSE, CALIF.: Since the outbreak of a cybercrime epidemic that has cost the American economy billions of dollars, the federal government has failed to respond with enough resources, attention and determination to combat the cyberthreat, a San Jose Mercury News investigation reveals.

''The U.S. government has not devoted the leadership and energy that this issue needs,'' said Paul Kurtz, a former administration homeland and cybersecurity adviser. ''It's been neglected.''

Even as the White House asked in November for $154 million toward a new cybersecurity initiative expected to reach billions of dollars over the next several years, security experts complain the administration remains too focused on the risks of online espionage and information warfare, overlooking international criminals who are stealing a fortune through the Internet.

''They're still not taking cybercrime seriously enough,'' said former administration cybersecurity adviser Marcus Sachs, now at Verizon Communications, reflecting the views of several former White House officials.

Experts like Sachs are en
couraged by the prospect of serious federal action on cybersecurity. But they remain concerned that the White House, years after it should have taken notice, continues to neglect a key component of this massive challenge.

The difficulties are systemic and widespread:

• Limited resources. Current and former agents contend there are too few federal cyberinvestigators and that too little is done to retain detectives with advanced technical training. Budget numbers appear to support the critics' complaints.

• Fractured responsibility. A half-dozen federal agencies fight organized Internet crime with overlapping programs and at times are barred from sharing information. One private security consultant described having to act as a go-between, linking information between two agencies unable to talk directly.

• An unfamiliar threat. Traditional crime-fighting techniques are often useless. And there are indications that top government officials still do not appreciate the scope or danger of the Internet fraud menace.

The FBI, for example, projected in early 2006 that cybercrime cost American businesses an annual $67.2 billion. But when asked recently if his unit had enough money to deal with a problem of that magnitude, a top FBI cybercrime official responded that he had never heard the number.

''That's way beyond anything I've seen,'' said Shawn Henry, FBI deputy assistant director for the cybercrime division. ''The biggest number I've seen is $5 billion.''

Told the figure came from the agency's own oft-cited report, Henry said it was issued a year before he assumed his position, and he was not familiar with it.

Lack of leadership

Since a 2003 presidential commission issued the National Strategy to Secure Cyberspace, the White House has suffered from a leadership vacuum on cybersecurity.

Richard Clarke, the former counterterrorism coordinator, retired as cybersecurity czar just as the strategy was published. His deputy took over, only to leave government two months later.

The administration then eliminated the post entirely and shifted responsibility from the White House to the Department of Homeland Security — which treated the issue largely as a terrorism and military risk, to the exclusion of the online criminal underground that began to flourish during the next few years.

In 2005, the Government Accountability Office issued a scathing report lamenting that department's inability to take on the cyberthreat as a whole.

''None of the senior leadership of DHS knew anything about cyber. They were all terrified about airplanes blowing up and people in body bags,'' recalled Clarke, now chairman of Good Harbor Consulting. ''They were so focused on the physical threats, cyber didn't make the cut.''

Officially, the FBI lists cybercrime as its third main priority, behind counterterrorism and counterintelligence.

But it is a distant third: For the fiscal year that just began, the FBI budget includes 5,987 full-time FBI staffers assigned to counterterrorism and 4,479 to counterintelligence. For cybercrime, it funds 1,151 employees, among them 659 agents.

Nor does this month's budget request alter that disparity. The $39 million FBI increase in newly sought cyberfunding was barely one-third of the proposed increase in its already-huge counterterrorism budget.

''This administration has said its budget priorities are the war in Iraq, fighting terrorism,'' as well as Hurricane Katrina recovery, said Keith Schwalm, a former White House homeland and cybersecurity aide and Secret Service cybercrimes agent. ''If you don't fall under one of those buckets, you don't get funded.''

Many responsibilities

Even within the cybercrime division, Internet attacks on American citizens and their private information are among several responsibilities. The threat of cyberterrorism — of spies or terrorists breaking into government computers — is the primary concern. Compact disc piracy also falls within the division's jurisdiction.

And one in three FBI Internet crime investigations last year focused on a very different area: online child pornography and exploitation.

Child pornography cases ''get all the press attention, and they can say they're doing something about cybercrime,'' said Susan Brenner, a University of Dayton law professor who studies policing on the Internet. But, she contends, the government is failing to pursue the most sophisticated — and potentially dangerous — cybercriminals.

It's not that Robert Mueller, the FBI director, is ignorant of the cybercrime problem. As the U.S. attorney for Northern California in the late 1990s, Mueller created the Justice Department's first computer hacking and intellectual property unit. Two years ago, Mueller called the threat of cybercrime ''serious'' and getting worse.

However, agents in the field say they need more money to respond to the threat. ''We probably do not have the right amount of resources or training in place,'' Scott O'Neil, chief of the FBI's computer intrusion section, said at a September forum on cybercrime in Mountain View, Calif. ''But we're doing the best we can.''

Not enough agents

The Secret Service, now a unit within the Homeland Security Department, is similarly constrained. Next year, the department proposes cutting staffing for the Secret Service division that investigates cybercrime by more than 10 percent, as it faces an increased need to protect presidential candidates.

''Federal law enforcement needs more agents to deal with this,'' said Ron Plesco, executive director of the National Cyber-Forensics and Training Alliance, a government-funded nonprofit that investigates cybercrime.

Inadequate budgets are only exacerbated by the departures of many experienced investigators. Some leave out of frustration with rotation policies, which encourage, if not force, agents with cybercrime proficiency to leave their skills behind for positions in unrelated units.

A June report of the GAO, the investigative arm of Congress, criticized these practices and said: ''FBI and Secret Service officials acknowledged that the rotation policies have at times resulted in these agencies under-utilizing staff with cyber expertise.''

To their credit, the FBI, Homeland Security Department and other agencies spend tens of millions of dollars each year on technologies and facilities to aid cyberinvestigations and network protection. Yet that funding has been nowhere near enough to keep up with the burgeoning expansion of Internet crime in the past few years.

The FBI launched a network of high-tech crime labs in 2000 devoted to the growing cybercriminal threat. But those labs have been bogged down with forensic examinations in a wide variety of cases unrelated to cyberspace, ranging from the Bay Area Laboratory Co-operative (BALCO) steroids cases to the public corruption investigation of former Illinois Gov. George Ryan.

In an April 2005 report, the American Prosecutors Research Institute, discovered a six-month backlog for forensic examinations at the FBI's San Diego lab. The bureau's Ohio lab said in its most recent annual report that its top priority was to reduce the laboratory's backlog, even as its caseload was increasing.

SAN JOSE, CALIF.: Since the outbreak of a cybercrime epidemic that has cost the American economy billions of dollars, the federal government has failed to respond with enough resources, attention and determination to combat the cyberthreat, a San Jose Mercury News investigation reveals.

Get the full article here.


Story tools

Email  Email   Print  Print   Save  Save   Reprint  Reprint   Popular  Most Popular   Reprint  Subscribe

Share this story

AddThis Social Bookmark Button















Most Commented Stories