A partnership to expose cybercrime

Feb 1, 2001 12:00 PM, By Carey Adams



Last February, a series of cyber-attacks rendered several high-profile Web sites useless. Among them, Amazon.com, electronic auction house eBay, discount retailer Buy.com, and CNN Interactive were jammed by hackers with thousands of useless messages that tied up the companies' computers and nearly forced the sites to shut down for a period of time.

The previous day, hackers tapped into Yahoo! with a “denial-of-service” attack that forced the Internet portal to shut down. A denial-of-service attack is a continuous stream of information sent to a target with the intention of flooding it until it crashes or can no longer take legitimate traffic.

The harm caused by these hacker attacks to the businesses involved includes financial losses and crippling of the companies' information systems. To combat such attacks, the Federal Bureau of Investigation (FBI) and the agency's National Infrastructure Protection Center have formed an alliance with businesses and educational entities to share information anonymously. The alliance is designed to protect IT systems from hacker attacks and other intrusions by providing a network of information-sharing about attacks and how to protect against them.

“This is now one of the most serious threats to the world and its economy,” says Harold Phipps, a special agent in the FBI office in Atlanta. “As long as you have a presence on the Internet, then it's going to be a problem.”

Last month, former U.S. Attorney General Janet Reno approved a provision that certifies that there would be at least one chapter of the alliance — known as InfraGard — in each state. Currently, there are 56 offices nationwide that are developed or in the developing stages, including Atlanta, Albany, N.Y., Cleveland, San Francisco, St. Louis, and Charlotte, N.C. The chapters meet monthly to share information regarding IT system and information system protection.

“Businesses have a lot of customer data and financial data that is subject to being attacked. When businesses are attacked, some do not know how to react to it,” says Phyllis Schneck, president of InfraGard Atlanta and vice president of broadband security for SecureWorks, an Atlanta-based Internet security monitoring and response service for small- and medium-sized companies.

Schneck says a lot of companies take their networks off-line when they are attacked by a hacker, which might be a mistake.

“Taking the network off-line can erase evidence or destroy evidence to track the hacker,” says Schneck. “And sometimes companies attempt to discover the problem themselves and that can make it worse.”

Through the InfraGard network of companies, businesses that are attacked by cyber-hackers are urged to call other companies that have been attacked to find out how they handled the situation.

“The first thing you should do is call someone who has been through it. They know what's going on,” says Schneck.

Another problem that InfraGard is recognizing is that many companies do not realize that the FBI is willing to work with businesses that have been attacked. Schneck says many companies believe calling the FBI will lead to unwanted publicity.

“There is a lot of fear that the news agencies will get the information. People don't realize that the FBI offers confidential information sharing,” says Schneck.

The Economic Espionage Act of 1996 was created to allow the FBI to investigate cyber-attacks anonymously.

“Some people aren't aware of the act, which allows us to investigate without actually opening a case. In order to investigate a case, we have to have cooperation from the business community,” says Phipps.

The FBI's National Infrastructure Protection Center investigates the attacks to determine their origin.

InfraGard's mission is to provide a public-private partnership and platform for the confidential exchange of Internet- and information systems-related security information among members to enable business and infrastructure protection.

Members of InfraGard are linked together and to the FBI by the bureau's secure “alert network.” Companies can anonymously report incidents to other members without fear of publicizing their vulnerability. The FBI provides encryption software to protect information exchange among members.

But the fear of publicity is an uphill battle for the alliance.

“I had one man tell me he would rather have himself accused of a horrible crime rather than have his company receive publicity due to a cyber-attack,” says Schneck.

InfraGard, which the FBI began as a pilot program in Cleveland in 1997, is beginning to make headway in the public-private business world. Large corporate entities, such as Delta Air Lines and Georgia-Pacific Corp., have joined the alliance, along with smaller businesses.

Schneck says it is the hope of InfraGard that companies — both large and small — learn that there is help available if they are attacked by a cyber-hacker.

Phipps says the bottom line is trust.

“There are a lot of people out there who want to steal vital information from companies. We are here to help pass information along to prevent attacks, but companies have to feel like they can trust one another and trust us,” says Phipps. “The FBI hopes that InfraGard will be the catalyst to instill that trust.”

U.S. Department of Commerce and IT companies partner to fight cybercrime

In January, the U.S. Department of Commerce and 19 companies from the information technology industry joined forces to create an information-sharing network. The union was formed to fight Internet crime and share information security practices, according to the U.S. Department of Commerce.

The partnership — known as the Information Technology (IT) Information Sharing and Analysis Center (ISAC) — evolved from a pledge made during a White House meeting last February involving President Bill Clinton, the Information Technology Association of America (ITAA) and a group of leading IT companies and organizations, following a series of cyber-attacks on several companies. During the meeting, representatives of the information technology industry vowed to exchange non-proprietary information concerning threats, attacks and protective measures.

According to the Department of Commerce, the group also stated its intent to establish a mechanism for systematic and protected sharing and coordination of information regarding cyber-attacks, vulnerabilities, countermeasures, and best information security practices.

Participation in the IT-ISAC is voluntary and currently includes AT&T, Cisco Systems, Computer Associates, Entrust Technologies, IBM, Microsoft, Nortel Networks, Oracle Corp., and several other information technology companies. The U.S. Department of Commerce hopes the partnership will be a step forward in developing and improving strategies and mechanisms for protecting against hostile actions and for facilitating continuity of operations and rapid recovery from failures that might occur through cyber-attacks.

© 2012 Penton Media Inc.
