Not enough companies reporting cyber attacks, says FBI director
San Jose (CA) - The FBI is stepping up its efforts to fight cybercrimes. At the RSA Security Conference, agency director Robert Mueller asked the private industry to get more active in reporting attacks as there are simply too many threats and avenues of attack that the FBI can’t go alone. In exchange, the FBI promises to ensure the privacy of firms and protect critical and proprietary information.
While certain cyber crimes receive great public exposure and companies have increased their efforts in collaborating with federal agencies to identify individuals behind an attack, Mueller claims that companies are not involved at a level that is necessary to efficiently battle crime. "No person, no agency, no company, indeed no country can prevent crime and terrorism on its own," Mueller said in this speech at the conference. Most companies that experience network intrusions do not report the incidents to law enforcement out of privacy and other concerns, he said.
Companies often fear that reporting attacks to law enforcement will result in public exposure that could result in negative reporting, loss of competitive advantage and perhaps trade secrets leaking out. Mueller urged the audience of info-security professionals to share cyber crime data to enable a collaborative effort to find the sources of a particular attack. He promised that his agency will take steps to ensure their privacy : "We don’t want companies to feel victimized a second time because of our investigation."
Mueller described several cases in which law enforcement and private industry worked together to solve computer crimes. For example, he highlighted the cooperation with Microsoft to identify the hacker that released the Mytob and Zotob worms as well as the assistance of with the American Red Cross, PayPal and Mastercard to investigate 6000 Hurricane Katrina donation websites. Several of those sites were fraudulent and shutdown and "numerous" others were referred to state and local agencies for prosecution, Mueller said.
While outdated government policies were barriers for industry participation in the past, Mueller said that it is the perception of further harm caused by an investigation that keeps companies from reporting cyber attacks. If proprietary information or even trade secrets involved that barrier may get even higher, as firms feel that information may be leaked. Mueller however said that this will not happen : "We will not release proprietary information and in case of theft of trade secrets we can get protective orders."
- Oracle buys developer of VoIP applications
- 1080p HD not supported by ATI, Nvidia?
- Nintendo unveils TV, Web browser features for DS
- Infineon blamed for Xbox shortage fiasco
- Lawmakers blast tech giants over China
- Eurocom launches notebook with 19" screen and two graphics cards
- European Commission rejects Microsoft defense, says company missed deadline
- Microsoft Office Live beta goes live
- Toshiba, NEC and Fujitsu jointly introduce common specifications for mobile RAM
- LGE expects global PDP panel market to reach 25 million units in 2010
- ApaceWave to begin volume shipments of WiMAX chips in 2007
- Nvidia to launch 90nm GeForce 7900 GPUs on March 9
- Intel dual-core embedded platform to extend applications for industrial PCs
- TI CEO: Ultra-low-cost handset costs to edge down to $15
- Atheros certain to become top provider for WLAN solutions in 2006
- Silicon wafer shipments increase 6% in 2005, revenues up 8%
- Amazon, 4 music firms discuss digital service: report
- Apple updates iDVD, iPhoto, iWeb, iTunes, iMovie
