Re: [iwar] Net Force Wannabe's?
From: Fred Cohen
From: fc@all.net
To: iwar@egroups.com
Mon, 6 Nov 2000 17:50:22 -0800 (PST)
fc Mon Nov 6 17:52:14 2000
Received: from 207.222.214.225
by localhost with POP3 (fetchmail-5.1.0)
for fc@localhost (single-drop); Mon, 06 Nov 2000 17:52:14 -0800 (PST)
Received: by multi33.netcomi.com for fc
(with Netcom Interactive pop3d (v1.21.1 1998/05/07) Tue Nov 7 01:52:08 2000)
X-From_: fc@all.net Mon Nov 6 19:51:09 2000
Received: from ei.egroups.com (ei.egroups.com [208.50.99.235]) by multi33.netcomi.com (8.8.5/8.7.4) with SMTP id TAA31324 for ; Mon, 6 Nov 2000 19:50:23 -0600
X-eGroups-Return: sentto-279987-732-973561824-fc=all.net@returns.onelist.com
Received: from [10.1.10.37] by ei.egroups.com with NNFMP; 07 Nov 2000 01:50:26 -0000
X-Sender: fc@all.net
X-Apparently-To: iwar@egroups.com
Received: (EGP: mail-6_2_1); 7 Nov 2000 01:50:23 -0000
Received: (qmail 26323 invoked from network); 7 Nov 2000 01:50:23 -0000
Received: from unknown (10.1.10.26) by m3.onelist.org with QMQP; 7 Nov 2000 01:50:23 -0000
Received: from unknown (HELO all.net) (65.0.156.76) by mta1 with SMTP; 7 Nov 2000 01:50:23 -0000
Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id RAA15384 for iwar@egroups.com; Mon, 6 Nov 2000 17:50:22 -0800
Message-Id: <200011070150.RAA15384@all.net>
To: iwar@egroups.com
In-Reply-To: from "Marc S. Griswold" at Nov 06, 2000 12:48:32 PM
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL1]
From: Fred Cohen
MIME-Version: 1.0
Mailing-List: list iwar@egroups.com; contact iwar-owner@egroups.com
Delivered-To: mailing list iwar@egroups.com
Precedence: bulk
List-Unsubscribe:
Date: Mon, 6 Nov 2000 17:50:22 -0800 (PST)
Reply-To: iwar@egroups.com
Subject: Re: [iwar] Net Force Wannabe's?
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Per the message sent by Marc S. Griswold:
> Very interesting link:
> http://www.zdnet.com/intweek/stories/columns/0,4164,2649836,00.html
I wish you would include more than this as content...
November 2, 2000
Cybercriminals On The Loose
By Lewis Z. Koch Special To Interactive Week
The National Infrastructure Protection Center, the unit of the Federal
Bureau of Investigation that's supposed to catch hackers, has cooked up
a cacophony of hype to persuade the American public that a bunch of
teenage hackers are equal in menace to the threat posed by professional
cybercriminals.
And despite the FBI's promotion of the e-mail tapping/sniffing program,
Carnivore, on the grounds that agents need more information, the NIPC's
performance so far suggests that the problem isn't too little
information - it's the FBI's inability to distinguish signal from noise.
It's time to assess just how well or how poorly the center has been
doing.
Cooperation
One of the key missions of the NIPC, according to its Web site, is to
organize and coordinate intergovernmental, interagency cooperation in
the war on cybercrime. "The NIPC will combine the aggregate power of
numerous aspects of the U.S. federal government: investigators from the
FBI and the [Secret Service], representatives from the
Department of Defense and the intelligence community, and delegates from
federal lead agencies."
Maybe, but Michael Vatis, the Harvard Law School alum who was named NIPC
director, seems bent on ensuring the failure of that part of the
mission.
First, Vatis assembled the center, bringing in representatives from
overt and covert federal law enforcement agencies, along with "delegates
from federal lead agencies." Then he demanded that each sign a
nondisclosure agreement, stipulating that the agent would not notify or
bring back to his agency anything he learned at the NIPC. Yet, the
agents were told to share information from their own agencies with the
NIPC.
Among the agencies initially represented in the NIPC were the Central
Intelligence Agency, the National Security Agency, the Secret Service,
the State Department and the Pentagon. But it didn't take long for
everyone to discover that the NIPC's definition of cooperation was a
no-exit back alley. The agencies decided that if Vatis and the NIPC
wouldn't share nicely with them, they'd just take their intelligence
marbles and go home.
In the end, only the military remained - and only because it didn't have
any other conduit into what the civilian agencies were doing.
Spin Control
Vatis quickly established the ground rules for dealing with the NIPC:
All accomplishments were to be credited to him and his agency. As
detailed in my previous columns, real, certifiable computer security
experts who literally handed the identities of cybercriminals to the
NIPC never received public credit. Vatis and the FBI encouraged the
public to believe they had captured these criminals through savvy
high-tech sleuthing.
Even worse, the NIPC has been strangely silent about its efforts to
catch hackers. The reason: Federal agents have virtually no hope of
catching hackers unless an outside expert spoon-feeds them the
information -not something the public wants to hear.
Sharing the Toys
The center's Web site also states: "As part of its mission, the NIPC
conducts outreach and information sharing with the public and
private-sector owners and operators of critical infrastructures. The
InfraGard program is now an essential part of the NIPC's nationwide
outreach efforts. The program establishes a mechanism for two-way
information sharing about intrusion incidents and system
vulnerabilities, and provides a channel for the NIPC to disseminate
analytical threat products to the private sector."
But there's one condition that belies the notion of "outreach."
Recipients have to sign away their right to tell anyone else what
they're getting from the NIPC and InfraGard.
The NIPC's supreme fantasy is the Cybercriminal Behavior Assessment
Project. As the name suggests, this effort was concocted by some of the
same FBI folks who created the Behavioral Science Unit to develop
profiles of serial killers. Never mind that, according to Pulitzer
Prize-winning author Richard Rhodes, the BSU has yet to identify a
single serial killer.
Among the key findings in the FBI's 1993 Son of Slammer hacker study was
this profound insight into the criminal mind: "Every hacker interviewed
identified the purchase of their first modem as the most significant
step leading to future computer crimes." Ah, the smell of our tax
dollars hard at work.
Vatis initially agreed to be interviewed for this column, but later
canceled.
Epilogue
In the course of my reporting for this column, three people, including a
high-ranking Department of Justice official who had worked with the
NIPC, predicted the imminent demise of Vatis' tenure - and perhaps of
the NIPC itself.
Not surprisingly, none of the three would agree to be quoted or
identified.
It will be interesting to see just how strong Vatis' fingernails are as
he clings to the leadership of a once-promising group that he has
rendered ineffective. On the other hand, he might not want to stay on.
Surely, he could find lucrative refuge with some international
corporation hungry for what he has worked so hard to portray as his
expertise and insider knowledge.
-------------------------- eGroups Sponsor -------------------------~-~>
Create your business web site your way now at Bigstep.com.
It's the fast, easy way to get online, to promote your business,
and to sell your products and services. Try Bigstep.com now.
http://click.egroups.com/1/9183/5/_/595019/_/973561824/
---------------------------------------------------------------------_->
------------------
http://all.net/