Former White House advisor heads cybercrime program

McAfee Inc. this week announced an anti-cybercrime program, the McAfee Initiative to Fight Cybercrime, to combat the ever-growing, increasingly complex cybercrime issue.

The McAfee Initiative to Fight Cybercrime Advisory Council will be headed up by former White House cybersecurity advisor Howard Schmidt. He spoke at a round table during the McAfee Focus conference this week about the current cybercrime climate, which is clever enough to morph alongside our culture, including efforts by spammers to cash in on consumers’ economic fears. Said Schmidt: “There’s an increasing number of spoof e-mails (related to the stock market) that are taking a new direction.”

Read more

No fear: McAfee security chief talks business

Professors Ian Brown of Oxford University and Lillian Russell of Sheffield University have also come on board, along with WiredSafety founder and manager Parry Aftab. The program will entail building even more awareness about cybercrime and pushing for enhanced collaboration between governments and non-governmental organizations.

The new Cybercrime Response Unit will provide assessment of the necessary case components against cybercrime offenders, while a set of freshly minted grants will go towards organizations making an attempt to fight or educate about cybercrime.

Threats can come from all sectors, said FBI Cyber Division assistant director Shawn Henry. “In addition to phishing schemes and pump-and-dump e-mails, issues are coming from corporate networks, but from people going through the customers,” he said. “The importance of maintaining the security of your network is getting more important as individuals are now looking to steal even your ideas and R&D.”

The question of who is responsible for cleaning up the mess can also be difficult, according to Schmidt: “After the bad guys have gone ahead and exploited any holes, who’s going to investigate that?”

Henry suggested that it will be important to look outward as well as inward. “You have to partner with foreign law enforcement as well as domestic law enforcement,” he said.

This can, however, pose a challenge, said IDC Canada analyst Dave Senf.

“The challenge is that data theft is global,” Senf said. “If someone’s back in China or Russia, they can be hard to prosecute. And then you have to figure out who took what. Just bringing attention to cybercrime doesn’t do a whole lot of good if you don’t know who does what.”

From there, said Senf, raising the stakes becomes more important. “The risk has to outweigh the reward, and that means that we need larger fines in place,” he said.

Canada could be lagging in up-to-date cybercrime policies. According to a new PayPal Inc. survey of 1,000 Ipsos panelists, online consumers in Canada, the United States, and the United Kingdom suffer far higher rates of identity theft than many European countries, such as France, Germany, and Spain.

Change is slow, however. The United States is making some moves toward a more locked-down approach, according to a report released Tuesday, although it’s tough going. Efforts to reduce and fight ID theft are happening across the U.S. government, says the report from the U.S. Department of Justice and the U.S. Trade Commission.

The report serves as an update on the efforts of the U.S. Identity Theft Task Force, established by President George Bush in May 2006. However, many state and local governments continue to release Social Security numbers (SSNs) in public documents, according to a second report, released Tuesday the U.S. Government Accountability Office.

Eighty-five per cent of the large population counties that responded to a GAO survey make records with full or partial SSNs available in bulk or online, while 41 per cent of smaller population counties do, according to the GAO report. GAO surveyed a sample of 247 counties, including the 97 largest population counties in the U.S. and a random sample of 150 other counties, and received responses from 89 per cent of the counties.

In some cases, businesses that purchased public records from U.S. counties sent the information to India and the Philippines, the GAO said. However, 25 states have passed laws in recent years to remove or restrict SSNs from public records, the GAO noted.

–With files from Grant Gross (IDG News Service, Washington Bureau)