IP: Re: U.S. Backing for Guidelines on Fighting Cybercrime

[David Farber <dave () farber net>]

> Date: Tue, 12 Feb 2002 09:52:46 -0800
> From: Jim Warren <jwarren () well com>
> Subject: Re: U.S. Backing for Guidelines on Fighting Cybercrime
>
> At 10:27 AM -0500 02/12/02, "Patrice  McDermott" <pmcdermott () alawash org> 
> wrote:
> > http://www.nytimes.com/2002/02/12/technology/12CYBE.html
> >
> > February 12, 2002
> >
> > U.S. Backing for Guidelines on Fighting Cybercrime
> >
> > By BARNABY J. FEDER
> >
> >      The first guidelines for responding to attacks on computer systems to
> > be endorsed by both the F.B.I. and the Secret Service, the main Federal
> > agencies fighting such crimes, were published yesterday.
> >
> > The guidelines were drafted by government and private security experts
> > brought together by CIOmagazine, a trade publication for information
> > technology executives.
> >
> > The guidance comes at a time when the number of both government and
> > private organizations trying to track and fight electronic crimes has been
> > expanding, partly in response to Sept. 11. But experts say many businesses
> > continue to be reluctant to provide law enforcement officials with enough
> > information to pursue cybercriminals. Companies often fear that they will
> > lose business if security breaches become public or that they will become
> > the target of revenge attacks.
> >
> > [...]
> >
> > The 12-page CIO guidelines provide complete contact information for
> > businesses to report intrusions to public authorities and various
> > information-sharing partnerships like the 65 InfraGard chapters the F.B.I.
> > has helped set up around the nation. They also outline practices that the
> > F.B.I. and Secret Service advocate, like developing relationships with
> > electronic crimes experts at the agencies ahead of time so that managers
> > have a personal contact to take their call.
> >
> > The guidelines advise against reporting minor intrusions, like the efforts
> > of outsiders to scan corporate systems for ways to penetrate them. Such
> > probes can occur hundreds or even thousand of times a month at a major
> > company. While such information could be useful in theory, the guidelines
> > say, it would swamp the current data systems of clearinghouses like the
> > National Infrastructure Protection Center or the Internet Storm Center,
> > which is operated by the SANS Institute, an international research
> > organization for security experts.
> >
> > [...]

For archives see:
http://www.interesting-people.org/archives/interesting-people/