Feds courting infosec pros in fight against cybercrime

Black Hat: law enforcement officials hope a more cooperative and less territorial approach will help convince organisations to join the fight against cybercrime

US law enforcement officials are making progress in their fight against online criminals, but they're looking for help from the security experts who have gathered at the Black Hat USA 2006 conference this week.

Dan Larkin, the former head of the FBI's Internet Crime and Complaint Centre (IC3), said in his keynote speech on 2 August that the FBI and other agencies are looking for new ways to collaborate with researchers and others who have specialised security knowledge.

Larkin, who now heads up the Cyber Initiative and Resource Fusion Unit, one of the two entities created when the IC3 was split last year, acknowledged that law enforcement agencies have not been very good at working with the private sector in recent years, especially in the area of information sharing.

Black Hat USA 2006

Check out SearchSecurity.com's special coverage of Black Hat USA 2006 as reporters from SearchSecurity.com and Information Security magazine post the latest news and tidbits from Las Vegas.
"We realise that we need to -- to the extent that it's possible -- give information back to you. We want you guys to leverage us as well," Larkin said.

He also said that the FBI in particular has been too aggressive in deeming valuable data as classified, even though much of it originates from investigations in which companies, universities and other private sector organisations participate. Larkin said this ends up discouraging organisations from sharing data in the future.

"Now we realise that it's your information, you bring it to us voluntarily, and it's your information," he said. "We're trying to be more careful about how quickly we classify that information whenever we can."

Larkin's new unit works with large companies that often are targets of cybercrime, such as AOL LLC, eBay Inc. and others, jointly eliminating false leads and developing investigations. He said much of that work these days involves investigations of organised crime groups that have established large online presences and move quickly from one scam to the next in their search for easy money.

These groups range from so-called traditional organised crime groups, such as the Russian and Eastern European mafia, to loosely affiliated crews who pool their resources and skills in online forums. Larkin pointed to some of the FBI's recent successes, including breaking up several online credit theft rings. But he said law enforcement's efforts are much more efficient and effective when they're aided by private-sector experts.

"Because cybercrime moves so fast, we have to be out of the box in order to keep up," Larkin said. "We want to develop targeted investigations, and a lot of the information for those comes from you all. The folks here see things on their networks that we would never see."

Read more on IT risk management