Thursday, November 15, 2007

US Government Critisized for Ignoring Cybercrime

The San Jose Mercury ran a series of articles on the failure of US authorities to address the threat from online fraud and other cybercrimes, instead focusing too heavily on information warfare and online espionage. The report quotes several former government advisers:
"The U.S. government has not devoted the leadership and energy that this issue needs," said Paul Kurtz, a former administration homeland and cybersecurity adviser. "It's been neglected."
"They're still not taking cybercrime seriously enough," said former administration cybersecurity adviser Marcus Sachs, now at Verizon Communications, reflecting the views of several former White House officials."
The artilce lists several causes:
  • Limited resources. Current and former agents contend there are too few federal cyberinvestigators, and that too little is done to retain detectives with advanced technical training. Budget numbers appear to support the critics' complaints.
  • Fractured responsibility. A half-dozen federal agencies fight organized Internet crime with overlapping programs, and at times are barred from sharing information. One private security consultant described having to act as a go-between, linking information between two agencies unable to talk directly.
  • An unfamiliar threat. Traditional crime-fighting techniques are often useless. And there are indications that top government officials still do not appreciate the scope or danger of the Internet fraud menace.
The article has an in-depth analysis of what the problems are and the history of US Government action (or inaction). The main point is the emphasis on terrorist threats to the exclusion of others:

"Since a 2003 presidential commission issued the National Strategy to Secure Cyberspace, the White House has suffered from a leadership vacuum on cybersecurity.

Richard Clarke, the former counterterrorism coordinator, retired as cybersecurity czar just as the strategy was published. His deputy took over, only to leave government two months later.

The administration then eliminated the post entirely and shifted responsibility from the White House to the Department of Homeland Security - which treated the issue largely as a terrorism and military risk, to the exclusion of the online criminal underground that began to flourish during the next few years."

Part III: U.S. targets terrorists as online thieves run amok
(requires registration)

No comments: