Events Calendar
In This Section
Most Read Stories
Akron judge Linda Kersker dies
DiLullo's closes doors after 63 years
Portage man beaten at home, robbed of coins
Akron police arrest murder suspect within an hour
Call center to cut 250 jobs in Akron
Rib, White and Blue is festival of tastes
Man fit for trial in rape of girl, 2
UPDATE: Deadly motorcycle crash closes I-76
Blogs:
Pets:
Summit teams up with Rescue Waggin' to save dogs
The Heldenfiles:
I Hate "More To Love"
Patrick McManamon:
Ron Artest goes to the Lakers
Akron Zips:
Opponent outlook: Northern Illinois
Browns Bulletin:
Single-game ticket sales begin July 11
Tribe Matters:
Tribe needs to slow down opponents
Cleveland Browns:
Stallworth test showed marijuana
Kent State Sports:
Men's Basketball Scheduling update
Cleveland Cavaliers:
Updated: Free Agency: Another Gone - Apparently
All Da King's Men:
IPCC Already Wrong About Global Warming
Blog of Mass Destruction:
Wow….Sarah Palin Resigns Governorship
Akron Law Café:
Abraham Lincoln and the Fourth of July
Varsity Letters:
Highland senior receives honor
See Jane Style:
Picnic Wear
Car Chase:
Where do We Go from Here?
Let's Talk Real Estate:
Hate Crime in Fort Worth Texas: "That F***t had it Coming"
Ohio Travels with Betty:
Linda asks-where is the Ohio Chautauqua?
Sound Check:
Rundgren fans rejoice!: Second night of AWATS at The Civic added
HRLite House:
Sport Psychology and Performance Consulting
Akron Gamer:
Hot link: Best of Nintendo at E3
Efforts criticized for deficient funds, lack of understanding of threat's size
By Ryan Blitstein
San Jose Mercury News
Published on Thursday, Dec 27, 2007
SAN JOSE, CALIF.: Since the outbreak of a cybercrime epidemic that has cost the American economy billions of dollars, the federal government has failed to respond with enough resources, attention and determination to combat the cyberthreat, a San Jose Mercury News investigation reveals.
''The U.S. government has not devoted the leadership and energy that this issue needs,'' said Paul Kurtz, a former administration homeland and cybersecurity adviser. ''It's been neglected.''
Even as the White House asked in November for $154 million toward a new cybersecurity initiative expected to reach billions of dollars over the next several years, security experts complain the administration remains too focused on the risks of online espionage and information warfare, overlooking international criminals who are stealing a fortune through the Internet.
''They're still not taking cybercrime seriously enough,'' said former administration cybersecurity adviser Marcus Sachs, now at Verizon Communications, reflecting the views of several former White House officials.
Experts like Sachs are en
couraged by the prospect of serious federal action on cybersecurity. But they remain concerned that the White House, years after it should have taken notice, continues to neglect a key component of this massive challenge.
The difficulties are systemic and widespread:
• Limited resources. Current and former agents contend there are too few federal cyberinvestigators and that too little is done to retain detectives with advanced technical training. Budget numbers appear to support the critics' complaints.
• Fractured responsibility. A half-dozen federal agencies fight organized Internet crime with overlapping programs and at times are barred from sharing information. One private security consultant described having to act as a go-between, linking information between two agencies unable to talk directly.
• An unfamiliar threat. Traditional crime-fighting techniques are often useless. And there are indications that top government officials still do not appreciate the scope or danger of the Internet fraud menace.
The FBI, for example, projected in early 2006 that cybercrime cost American businesses an annual $67.2 billion. But when asked recently if his unit had enough money to deal with a problem of that magnitude, a top FBI cybercrime official responded that he had never heard the number.
''That's way beyond anything I've seen,'' said Shawn Henry, FBI deputy assistant director for the cybercrime division. ''The biggest number I've seen is $5 billion.''
Told the figure came from the agency's own oft-cited report, Henry said it was issued a year before he assumed his position, and he was not familiar with it.
Lack of leadership
Since a 2003 presidential commission issued the National Strategy to Secure Cyberspace, the White House has suffered from a leadership vacuum on cybersecurity.
Richard Clarke, the former counterterrorism coordinator, retired as cybersecurity czar just as the strategy was published. His deputy took over, only to leave government two months later.
The administration then eliminated the post entirely and shifted responsibility from the White House to the Department of Homeland Security — which treated the issue largely as a terrorism and military risk, to the exclusion of the online criminal underground that began to flourish during the next few years.
In 2005, the Government Accountability Office issued a scathing report lamenting that department's inability to take on the cyberthreat as a whole.
''None of the senior leadership of DHS knew anything about cyber. They were all terrified about airplanes blowing up and people in body bags,'' recalled Clarke, now chairman of Good Harbor Consulting. ''They were so focused on the physical threats, cyber didn't make the cut.''
Officially, the FBI lists cybercrime as its third main priority, behind counterterrorism and counterintelligence.
But it is a distant third: For the fiscal year that just began, the FBI budget includes 5,987 full-time FBI staffers assigned to counterterrorism and 4,479 to counterintelligence. For cybercrime, it funds 1,151 employees, among them 659 agents.
Nor does this month's budget request alter that disparity. The $39 million FBI increase in newly sought cyberfunding was barely one-third of the proposed increase in its already-huge counterterrorism budget.
''This administration has said its budget priorities are the war in Iraq, fighting terrorism,'' as well as Hurricane Katrina recovery, said Keith Schwalm, a former White House homeland and cybersecurity aide and Secret Service cybercrimes agent. ''If you don't fall under one of those buckets, you don't get funded.''
Many responsibilities
Even within the cybercrime division, Internet attacks on American citizens and their private information are among several responsibilities. The threat of cyberterrorism — of spies or terrorists breaking into government computers — is the primary concern. Compact disc piracy also falls within the division's jurisdiction.
And one in three FBI Internet crime investigations last year focused on a very different area: online child pornography and exploitation.
Child pornography cases ''get all the press attention, and they can say they're doing something about cybercrime,'' said Susan Brenner, a University of Dayton law professor who studies policing on the Internet. But, she contends, the government is failing to pursue the most sophisticated — and potentially dangerous — cybercriminals.
It's not that Robert Mueller, the FBI director, is ignorant of the cybercrime problem. As the U.S. attorney for Northern California in the late 1990s, Mueller created the Justice Department's first computer hacking and intellectual property unit. Two years ago, Mueller called the threat of cybercrime ''serious'' and getting worse.
However, agents in the field say they need more money to respond to the threat. ''We probably do not have the right amount of resources or training in place,'' Scott O'Neil, chief of the FBI's computer intrusion section, said at a September forum on cybercrime in Mountain View, Calif. ''But we're doing the best we can.''
Not enough agents
The Secret Service, now a unit within the Homeland Security Department, is similarly constrained. Next year, the department proposes cutting staffing for the Secret Service division that investigates cybercrime by more than 10 percent, as it faces an increased need to protect presidential candidates.
''Federal law enforcement needs more agents to deal with this,'' said Ron Plesco, executive director of the National Cyber-Forensics and Training Alliance, a government-funded nonprofit that investigates cybercrime.
Inadequate budgets are only exacerbated by the departures of many experienced investigators. Some leave out of frustration with rotation policies, which encourage, if not force, agents with cybercrime proficiency to leave their skills behind for positions in unrelated units.
A June report of the GAO, the investigative arm of Congress, criticized these practices and said: ''FBI and Secret Service officials acknowledged that the rotation policies have at times resulted in these agencies under-utilizing staff with cyber expertise.''
To their credit, the FBI, Homeland Security Department and other agencies spend tens of millions of dollars each year on technologies and facilities to aid cyberinvestigations and network protection. Yet that funding has been nowhere near enough to keep up with the burgeoning expansion of Internet crime in the past few years.
The FBI launched a network of high-tech crime labs in 2000 devoted to the growing cybercriminal threat. But those labs have been bogged down with forensic examinations in a wide variety of cases unrelated to cyberspace, ranging from the Bay Area Laboratory Co-operative (BALCO) steroids cases to the public corruption investigation of former Illinois Gov. George Ryan.
In an April 2005 report, the American Prosecutors Research Institute, discovered a six-month backlog for forensic examinations at the FBI's San Diego lab. The bureau's Ohio lab said in its most recent annual report that its top priority was to reduce the laboratory's backlog, even as its caseload was increasing.
SAN JOSE, CALIF.: Since the outbreak of a cybercrime epidemic that has cost the American economy billions of dollars, the federal government has failed to respond with enough resources, attention and determination to combat the cyberthreat, a San Jose Mercury News investigation reveals.
Get the full article here.
Comments
Click here to post your comments
