funsec mailing list archives

Re: Law Enforcement: Unprepared to Fight Worldwide Cyber Crime


From: "John C. A. Bambenek, CISSP" <bambenek.infosec () gmail com>
Date: Thu, 28 Feb 2008 09:45:35 -0600

The problem has been around for a long time and is multi-layered and none of
the individual layers are being planned to be addressed, much less
remediated.

1) There is still a skill gap in information security to law enforcement.
There are specialists, but they are expensive and the expense doesn't map up
on a cost-benefit scale.  We haven't "lost enough", and what we have lost
can be built into the cost of doing business with actuarial magic so
consumers don't know (hell, researchers can't even figure it out) how much
this costs us.  We're all specialists, probably making close to 6 figs or
above.  Probably our average salary is three times that of a cop.
2) There is a gap between the rules we operate on, the rules many countries
operate on, and the rules the "bad guys" operate on.  When we can get
someone extradited who drops a radioactive sushi in downtown London,
publicly assassinating someone, you aren't going to put the screws to Joe
Carder.
3) We put all our resources into reactive measures... and not just reactive
measures, but reaction only after incidents of significance.  We allow the
bad guys to have the first win, 100% of the time.
4) We continue to retrofit systems designed decades ago for "offline" use,
slap them online and don't even consider rearchitecting for a new reality.
The development cycle is so short, and the pressure is to only make it
shorter, that anything besides "functionality" is now superfluous and a
"risk".

j

On Wed, Feb 27, 2008 at 8:58 PM, Paul Ferguson <fergdawg () netzero net> wrote:


Personal note:

The underlying statement here is somewhat... shocking.

The chances of a "...second Internet.." emerging has a snowball's
chance in hell of actually coming to pass, and shows the non-committal
stance (and technical inability) of law enforcement to actually
tackle the hard problems of cyber crime.

Also, as an aside, this is primarily the job that I have taken in
2008 – outreach to law enforcement, ISPs, and incident response
handling organizations (e.g. CERTS, CSIRTS, etc.) to build channels
to stop these issues from continually falling through the cracks.

The problem is very bad, and unfortunately, it looks like it might
get worse before it gets better. We have our work cut out for us...

http://www.internetevolution.com/author.asp?section_id=593&doc_id=147027&;

Hat-tip: /.
http://slashdot.org/article.pl?sid=08/02/27/2310247

- - ferg

--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
