Further fueling the debate over whether cybercriminals should be allowed to benefit from their crimes, U.S. Assistant Secretary of Defense Arthur Money told a crowd of cyber-vandals in Las Vegas, Nevada Friday that they should give up their destructive ways and help the U.S. government fend off cyberattacks from foreign governments.
Money’s remarks came at the eighth annual DEF CON 8.0 convention, where he and colleagues from the Federal Computer Incident Response Center (FedCIRC), the Air Force, and the Department of Defense (DOD) took part in a “Meet the Fed” panel discussion.
The Pentagon’s Chief Information Officer with responsibility for command, control, communications and intelligence, told the assembled hackers, “If you are extremely talented, and you are wondering what you’d like to do for the rest of your life — join us, and help us educate our people.”
Adding Up Costs
Money and the other government officials did not pull any punches in telling the computer geniuses exactly how costly and disruptive their attacks are. Money said that there were 22,124 attacks in 1999 — each costing almost $1.5 million (US$) — against Department of Defense (DOD) computers. Total bill: $25 billion to defend against hackers.
Said Money, “It might be viewed as a challenge, it might be viewed as fun to hack into things, but you might be affecting the lives of people. I would rather have my attention focused on what rogue states are doing to us than being harassed seven times a day figuring out what some guy is doing to us.”
David Jerrold, director of FedCIRC, was equally blunt with the hackers. He said, “There are those things that are fine for education or curiosity, and that’s good. But those of you who do things for anarchy or for destroying data — there is no glory in being an [expletive deleted].”
Jerrold told the hackers that they should call him the next time they discover a security hole in federal computers, instead of posting the discovery on message boards.
Toys, Not Money
The Feds told the hackers that working for the government would not have the same financial rewards as working for a private security firm. However, according to Dick Schaefer, director of infrastructure and information assurance for the DOD, there are other perks.
He said, “We have got some of the most sophisticated toys in the world. If you would like to get access to those toys and become a part of a very elite team, we would like to talk to you.”
The Lawless Zone
While the U.S. military is looking to hire hackers, the European Union (EU) wants to put them behind bars. At an unofficial meeting of EU justice and interior ministers in the French port of Marsaille on Saturday, EU Ministers vowed to crack down on cybercrime — including fraud, child pornography, and hacking — by working with other nations to track down cybercriminals who strike across national boundaries.
French Justice Minister Elisabeth Guigou said after the meeting, “It is not at all our intention to limit the development of the Internet, but we must avoid letting it become a lawless zone.”
Taking Legal Action
The European Commission, the EU’s executive body, outlined several proposals to crack down on Internet crime. The Commission believes that new laws are needed to close legal loopholes on fraud and hacking. Also needed are rules to allow police to seize computer data from other countries.
European Commissioner Antoni Vitorino told the EU ministers that “Existing forms of mutual assistance are entirely inadequate for fast moving and complex investigations on the Internet.” He would like member states to take action to ensure their police forces are up to speed on the latest technology.
The goal, according to Vitorino, is to combat e-crime without stifling e-commerce. He said, “Governments should recognize that the needs of law enforcement may place burdens on industry and thus take reasonable steps to minimize such burdens.”