[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[infowar.de] FBI an Silicon Valley: Bitte gebt uns Informationen weiter...
Infowar.de, http://userpage.fu-berlin.de/~bendrath/liste.html
-------------------------------------------------------------
http://www.msnbc.com/news/774803.asp?cp1=1#BODY
FBI to valley: Tell us about attacks
By Andrew F. Hamm
SILICON VALLEY/SAN JOSE BUISNESS JOURNAL
July 1 - Businesses have remained tight-lipped when it comes to
reporting cyberattacks or other breaches of their security for fear that
the bad publicity would also bombard their bottom lines. But the FBI has
begun offering them anonymity and critical information in exchange for
their much-needed cooperation in battling hackers and other terrorists.
THE NEW INFORMATION-SHARING initiative is an extension of Infraguard, a
3-year-old program first put together to stem attacks on the nation's
economic infrastructure, including businesses, medical facilities,
financial institutions, and water, energy and transportation agencies,
says Peter Trahon, supervisory special agent at the FBI's Regional
Computer Intrusion Squad. The organization now has about 80 Bay Area
companies involved. According to a Bay Area-based survey funded in part
by the FBI, 90 percent of survey respondents, primarily large
corporations and government agencies, reported computer security
breaches in the past 12 months and 80 percent acknowledged financial
losses. The most serious included the loss of proprietary information
and financial fraud, with 74 percent saying the attack came via the
Internet.
While companies have been eager to receive information on problems other
companies are having, they have been loathe to report their own, says
Rich Davies, executive director of the Western Disaster Center at
Moffett Field and a member of Infraguard's board of directors. Mr.
Trahon says the new program gives businesses a secure way to circulate
information through the FBI about any problems without fear that the
information will come back to bite them.
"I see the value of it. It helps me validate potential problems or
invalidate them, depending on what is out there," says Bob Landgraf,
program director for Hewlett-Packard Federal, a subsidiary of
Hewlett-Packard Co. and a member of Infraguard. "Many of the large
companies are well-prepared for these attacks," Mr. Landgraf says. "I
would say smaller companies and those in hot technologies are in the
most trouble. Large companies can sustain a $1 million loss ... but that
could put some smaller companies out of business." Companies have been
mum about security breaches because of fears of giving competitors an
advantage, reaction by investors, bad publicity and simple egos, says
Rich Jackson, executive director of Infraguard's San Francisco Bay Area
chapter. "I think the FBI realizes they've had some bad relationships in
the past, Mr. Jackson says. "They are working very hard to gain the
trust of the [business community]." And then there's the paperwork.
It can be onerous, Mr. Jackson admits, but is a necessary tool to help
find and punish the attackers. "[The FBI] is trying to make it as easy
as possible," Mr. Jackson says. "But remember, a lot of court cases get
thrown out on a technicality. So you have to document carefully." The
FBI began pushing what it calls "secure" membership after the number of
companies attending quarterly Infraguard meetings tripled after the
Sept. 11 terrorist attacks. "It became very obvious that we need the
high-tech community talking to each other in case of attack," says David
Kovar, director of information technology at the Western Disaster
Center. Participating in the secure membership allows companies to offer
sensitive information and receive information about ongoing FBI
investigations - information not available to the general public or even
Infraguard members who don't have the "secure" membership, the FBI's Mr.
Trahon says.
---------------------------------------------------------------
Liste verlassen:
Mail an infowar -
de-request -!
- infopeace -
de mit "unsubscribe" im Text.