Posts Tagged ‘Cyber Czar’

Some thoughts on Howard Schmidt’s appointment as Cyber Security Coordinator

Wednesday, January 6th, 2010

I first met Howard Schmidt around 1999 at one of the many National Institute of Justice (NIJ) cybercrime programs we eventually served on together. Howard was someone I looked up to and sought advice from when we saw each other. I have always been impressed by his demeanor and his ability to simplify the complex cybercrime problem when he speaks.

So, I thought initially that I should jump out and comment on my friend Howard’s new appointment as the U.S. Cyber Security Coordinator and congratulate him on the appointment.  But, I then I thought I should wait and not be part of the pack.

After the announcement of his appointment, I surfed the Web to see what kind of reaction his appointment would cause in the media and the blogosphere.  What I have seen so far is fairly tame for an Obama appointment. 

For the most part the traditional media have been fairly benign in their response to the announcement. It appears to them it is just another Obama “Czar”. Most seemed interested in his introduction as the new Cyber Security Coordinator through a videotaped presentation on the White House’s website rather than his ability to do the job. 

Indeed, Howard’s overall non-political stances appear to have placed him in the right place at the right time. And his extensive back ground in the cyber crime fighting arena is encouraging for a lot us involved in the cyber crime fight.

But some people are not as encouraged. The attacks on Howard have already started, as evidenced by the comments on Bruce Schneier’s  blog. (Ironic that the very technology he is asked to defend is the same anonymous place used to attack him.)If he was involved as part of the Bush administration, this promises to NOT be an improvement. Others here have correctly observed that it is a position completely set up to fail. Schmidt has never stayed in any one position very long. What has he ever actually accomplished over the years?

By taking this job, Schmidt is able to cash out of eBay without having to pay some taxes on gains he made there.

Howard, like so many in the public eye, takes a beating for being able to stand up and offer themselves to the wolves of criticism.  He is a fine man, a veteran federal and military investigator, an experienced law enforcement officer, and a Chief Security Officer in large corporations.

In other words, he has seen the problems from multiple levels within and from without government. His appointment will give him the opportunity to put a varied background of experience to work on a problem affecting everyone. How many people considered by the Obama administration had a resume to compare? 

So what should Howard focus on and attempt to accomplish? First of all, he could help to define better the understanding in this country of the differences between Cyber-Security and Cyber-Crime. All too often they get melded into the same concept or believed they are the same thing.

Some think that Cyber Security matter are the only issues he has or should deal with. Investigating Cyber Crime is a complex issue with just as many complex, multi-level facets as Cyber Security.  Howard’s clear understanding of the issues related to both give him an advantage. I would just like to see Cyber Crime investigation given the attention it needs and deserves.

Given his background and the infighting amongst the current bureaucrats governing IT security and cybercrime in the United States, Howard has a rough road ahead. Even though he  does seem to want  to remain out of the politics of the job (as evidenced by his release of a videotaped statement rather than a press conference),  many feel the job is all title and no authoritative bite.

With the dissatisfaction of Melissa Hathaway and others that where standing in line or considered for the job this year, I hope the Obama administration gives Howard the latitude and support  to do the work that needs to be done.  Good luck Howard…..

The European Union Implements a Cybercrime strategy

Monday, February 23rd, 2009

Although this is from December it is of interest in the U.S. considering our current changes in administration. It was widely reported and most recently as last week from the Greek Forensic Community blog, that, the Council of ministers of the European Union adopted, a “strategy to reinforce the fight against cyber crime.” It is interesting that the country that developed the technology to connect the world is being outpaced in its ability to respond to the crime committed through its growing adolescent by others around the world. They wrote that the strategy should include ” the means of combating the traditional forms of crime committed via the Internet, such as identity fraud, identity theft, fraudulent sales, financial offences, illicit trading on the Internet, particularly narcotics and arms dealing.”

Current U.S. policy tends to deal with only the protection of the infrastructure and not the entire problem surrounding Cybercrime and its deleterious effects on the state of the Internet and our economy. Education about the problem and enforcement actions against the offenders works and should be supported and implemented nationwide.

What are extremely interesting in the EU proposal are the measures that would include “Cyber Patrols”, “Joint investigative Teams” and “Remote Searches”. All of these are a step in the right direction. The EU is also funding Europol to set up a crime reporting system to track Internet crimes that can be accessed by the EU members. This too will aid in the response if law enforcement understands the effective of the crime and can respond accordingly.

The EU’s strategy marks a leap in the acknowledgment of the magnitude of the Cybercrime problem at least in the European Union. In addition their strategy suggests closer cooperation and information exchange between law enforcement authorities and the private sector. This has been a stalwart strategy by many in the U.S. especially those belonging to organizations like the High Technology Crime Investigation Association.

As we have commented before the U.S. now needs to consider the same type of strategy. Cybercrime continues to grow and law enforcement’s skills to investigate it, and the national strategy to deal with it, need to be as sophisticated as the crimes committed.

The new “Cyber Czar” in the U.S. should consider the EU’s strategy early and adopt similar policy for U.S. law enforcement.

Threat of Cyber Crime Continues to Increase

Friday, February 13th, 2009

Jim Kouri, formerly the Chief of Police of the New York City housing project in Washington Heights, wrote recently in MensNewsDaily.com about Cyber Crime and its increasing popularity as a criminal endeavor. He rightfully identified that there is a difference between critical infrastructure protection (Cyber security threats) and Cyber crimes (traditional crimes committed through the use of technology). This is far too often overlooked at the national level and appropriate consideration given to both areas. Threats to our critical infrastructure are not the same as Cyber criminals stealing from our citizens. However, from the initial look at a crime, say a “Phishing” scam against a bank, a law enforcement investigator does not know if this criminal act is a foreign state attacking our economic system by trying to make the bank fail, or a teenager from one of the old eastern block countries simply scamming unsuspecting customers out of their funds.

Law enforcement from the outset often ignores these crimes due to the investigative complexity of the crime and the lack of training and tools to effective pursue the evidence. The current economic situation is making things even worse for those agency’s who do attempt to address Internet based crime. In California High Tech Crime Task Forces are being shut down due to the budget crisis. The Northern California Computer Crime Task Force has shut down and the San Diego area CATCH Team will shut down on February 16th. Both of these task forces have made a significant impact on criminals using the Internet to commit crimes. Yet, we are allowing them to close and very little is being done to stop it.

The new administration is due to announce the appointment of its new Cyber Czar. I don’t have a hope for the near future with the President saying one thing before his inauguration:

“As president, I’ll make cyber security the top priority that it should be in the 21st century,” … “I’ll declare our cyber-infrastructure a strategic asset and appoint a National Cyber Adviser who will report directly to me.” (from a speech at Purdue University last July)

And doing another, which is by most accounts putting the new Cyber Czar post several layers down in the Department of Homeland Security. If it does end up in DHS it will be another function unable to deal with the national problem, because the appointee will have to facilitate conversations with the FBI and other organizations outside of DHS responsible for Cyber crime investigation. In addition the new Cyber Czar would have to fight for funding within his or her own organization.

As with the intelligence collection and review issues, as determined by the 911 commission, Cyber crime is another area not coordinated nationally with the many different stake holders in the arena. The better model would be to have the Cyber Czar in the White House with positive control over budgets and agency actions responding to the problem. The National Intelligence Director’s position is the best model for this issue. The problem is not for a single agency to try and solve but it should be the responsibility of a single entity to coordinate the response nationally. Cyber crime is dealt with at all levels of law enforcement in this country, from the City police investigator looking into Vice crime on Craig’s list to International Child Porn rings investigated by the FBI. Yet with all this crime occurring there is no coordination of cyber criminal intelligence or investigations from the bottom to the top.

Lastly, the person selected as Cyber Czar should have a concept of operational response to both the Infrastructure Protection space as well as the Cyber crime arena. They are two different animals and require different skill sets, but complementary responses. We will have to wait and see if the President’s pick is up to the challenge and given the proper authority and resources required to accomplish the mission.

Technorati Tags: ,,,,,,

Administration to establish major office for cyber matters

Friday, February 6th, 2009

Shortly after taking office President Obama announced that there would be a “Cyber Czar” (my term not his) named “…who would report directly to the president, greatly increase funding for interoperable first responder communications and spend $5 billion in global counterterrorism cooperation…”

They are addressing Cyber threats and Cyber infrastructure so where in the new administration’s proposals is the part where we as a country deal with the problem of Cyber Crime? Well for the first time an emphasis, albeit small is noted in the Homeland Security Agenda that says:

“Develop a Cyber Crime Strategy to Minimize the Opportunities for Criminal Profit: Shut down the mechanisms used to transmit criminal profits by shutting down untraceable Internet payment schemes. Initiate a grant and training program to provide federal, state, and local law enforcement agencies the tools they need to detect and prosecute cyber crime”

This is significant in that it is a change in direction from the previous administration’s plan that did not address the Cyber Crime problem. The Bush plan was focused on Infrastructure protection and did not effectively address the overall issue of Cyber Crime. Although many of the items described in Obama’s plan are similar to recommendations previously made to and by the Bush administration.

I have been arguing for some time that there needs to be a comprehensive national plan to deal with Cyber Crime. There is currently no clear understanding of how much Cyber Crime is being committed in the U.S. To complicate that there is no requirement for U.S Law Enforcement agencies to collect and report (in the FBI Uniform Crime Reporting-UCR system) on any Cyber Crime that is committed against our citizenry. So exactly how do we know the magnitude of the crime committed and where to apply the resources?

A comprehensive national plan needs to include several things:

  • A clear definition of Cyber Crime.
  • A reporting mechanism for law enforcement to identify the amount and nature of the Cyber Crimes committed.
  • National Stake holder input. This is not just a federal problem it involves law enforcement at all levels including the judiciary and each levels issues need to be addressed.
  • Sufficient funding must be provided to clearly address the problem at multiple levels.
  • Tools to deal with Cyber crime investigations MUST be common and available.
  • Encourage the reporting of Cyber Crime to local law enforcement agencies.
  • Develop better communication on Cyber Crime and its investigation between Federal, State and local LE
  • Development of an interoperable international legal framework to assist in the investigation of cyber related crimes.
  • And lastly, we need to make cyber investigations an everyday policing event for law enforcement.

We will have to wait and see what the Obama administration will do with this proposal in the DHS agenda. The need has not gone away with the “Change”, it will only continue to grow.