Summit spurs strategies for fighting crime
Government leaders, security experts and law enforcement representatives put their heads together on how to stop computer crime
Almost 100 corporate security managers met with politicians and law enforcement
representatives Wednesday in Menlo Park, Calif., to refine strategies for
fighting computer crime.
Billed as the "Internet Defense Summit," the meeting featured an address
by Sen. Fred Thompson (R-Tenn.), who announced a bill calling for annual
reviews of government security practices.
The proposed Government Information Security Act, drafted by Thompson, was
approved Tuesday by the Senate Government Affairs Committee that Thompson
chairs. But the senator cautioned security managers that the federal government
doesn't have adequate resources to prosecute security attacks. Congress
shouldn't pass legislation that forces companies to cooperate with investigations,
he said.
"We don't know yet how to run our own shop," Thompson acknowledged, adding
that companies have to create their own security defense plans. He said
the government could assist by providing grants for security research, granting
tax breaks to companies that develop security tools, enforcing current laws
and increasing the number of visas for high-tech workers.
Raymond Kendall, secretary-general of the Interpol international police
agency, reminded attendees that national laws have limited jurisdictional
power against the international nature of Internet crimes. Speaking via
a satellite link from Brussels, Kendall said each country has to pass its
own laws against computer crime and enforce them.
This issue has become keenly apparent during the ongoing search for the
authors of the "ILOVEYOU" virus, because the Philippines — where the virus
apparently originated — has no specific laws against writing damaging computer
viruses.
Kendall also said most governments have neither the financial resources
nor the technical know-how to stay on top of hackers and computer terrorists.
"The private sector must [provide for] themselves much of the action which
is necessary to prevent attacks from being made on the Internet," he said.
"It's no longer possible for governments to provide the kind of resources
and investment necessary to deal with these kinds of issues."
The summit featured a mix of government, industry and law enforcement attendees.
For example, Beth Dickinson, a chief in the Los Angeles County Sheriff's
Department, said her computer crime unit investigates not individuals but
groups of people conspiring to commit security break-ins. The unit focuses
on "major banking threats from institutions," Dickinson said. "We are targeting
high-value crimes."
A few participants called on software companies to make their applications
more secure. One suggestion was that default settings in software should
automatically be at the highest level of security available.
"You wouldn't build a swimming pool in the center of town and not put a
fence around it, and I think that's what the software companies are doing,"
said Glenn Tenney, a director at Pilot Network Services Inc. in Alameda,
Calif.
— James Niccolai contributed to this article.
NEXT STORY: House extends Internet tax ban