Cybercrime getting the attention of DHS

Cybercrime is emerging as the leading IT threat, public and private-sector security experts said Thursday at a summit hosted by SecurE-Biz.net in Washington.

"At the moment, that is the area of greatest interest," said Amit Yoran, head of the Homeland Security Department's cyber security directorate.

Crime now ranks above the threat of cyberterrorism on the DHS radar screen. Market forces are seen as the driving force behind this development, and DHS also is relying largely on market forces to combat it.

"We're trying to energize the market to focus on security," Yoran said.

Yoran's assessment matched that of the private sector. John Watters, CEO of iDefense Inc., said electronic criminal activity threatens to become a "perfect storm." The criminals are strongly motivated by money, well-organized and have acquired high levels of skill.

"If there is money available, there are going to be people trying to get it," Watters said.

Watters said nations are incorporating information operations into their military strategies?in plain terms, they are learning to hack their enemies.

But it is difficult to assess the level of activity because it often is masked by the activity of traditional rogue hackers. Cyberterrorists are highly motivated, but have not yet developed the level of organization or the skills necessary to carry out serious attacks.

"Their likelihood of success is very low," Watters said. "The level of talent we are seeing is relatively low."

But Watters said there is a danger that advances in exploitation of IT vulnerabilities by criminal organizations will be adopted by nations and terrorists.

The development of wholesale markets for stolen data, such as credit card information, is driving organized criminal activity online. Many analysts believe outbreaks of malicious code in the last year may be directly related to criminal activity, as groups work to create networks of compromised computers to distribute more malicious code and harvest information.

Yoran said that better software quality and assurance is necessary to prevent these attacks. But he steered clear of suggestions that government regulation or product liability should be used to spur improved software development.

"There is nothing pending," he said of regulations. "We're not ruling anything out, but it shouldn't be the first tool we bring to bear. I believe that meaningful progress can be made more quickly by adoption of automated tools and better practices" for software development.

About the Author

William Jackson is a Maryland-based freelance writer.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here
close

Trending

  • Dive into our Contract Award database

    In an exclusive for WT Insider members, we are collecting all of the contract awards we cover into a database that you can sort by contractor, agency, value and other parameters. You can also download it into a spreadsheet. Our databases track awards back to 2013. Read More

  • Navigating the trends and issues of 2016 Nick Wakeman

    In our latest WT Insider Report, we pull together our best advice, insights and reporting on the trends and issues that will shape the market in 2016 and beyond. Read More

contracts DB

Washington Technology Daily

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.