The U.S. plans a diplomatic push to get more countries to join in cyber-crime investigations, Howard Schmidt, the top White House cyber-security official, said yesterday.
“I can’t think of any case involving intrusions that didn’t have an international component,” Schmidt said, referring to breaches of computer security. “In the very near future, we will be coming forth with specific efforts” that may include “tough discussions” with countries to ensure they help hunt down criminals who steal information and data using computers, he said.
Some governments actively engage in cyber crimes or turn “a blind eye” to the practice, similar to nations condoning money-laundering schemes in the 1980s, Schmidt, a special assistant to the president, said at a Department of Defense Cybercrime Conference in Atlanta. He declined to name any countries in that category.
Several large U.S. companies have reported attacks on their computer networks in the last year. In March, Google Inc. stopped self-censoring searches in China and pulled out of the country after alleging attacks on its networks aimed at obtaining its proprietary information and personal data on human rights activists. In December, Mastercard Inc. and Visa Inc. said their websites were attacked by supporters of Wikileaks.
In the case of money laundering, once countries recognized such activity as “fundamentally bad” and pledged cooperation, it became more difficult for criminals to engage in it, Schmidt said.
Criminals and hackers probe U.S. government computers “millions of times every day, about 9 million Americans have their identities stolen each year and cyber crime costs large American businesses $3.8 million a year,” a group of U.S. senators said today in a statement, after introducing legislation to tighten security.
“More than $1 trillion worth of intellectual property has already been stolen from American businesses,” said the lawmakers, including Senate Majority Leader Harry Reid.
The legislation, backed by the heads of seven Senate committees, would provide incentives to companies urging them to assess risks and safeguard their computers from attacks, the statement said.
Schmidt said the U.S. would urge more countries to sign a 10-year-old treaty called the Cybercrime Convention that calls for cooperation in probing crimes committed via the Internet and other computer networks. These include crimes related to copyright infringement, fraud, child pornography and violations of network security, according to the treaty website.
The treaty has been ratified by 30 countries, including the U.S. and 29 European nations. Signatories including the U.K., Canada and Turkey have yet to ratify the law, according to the treaty website. China and Russia are among nations that have yet to sign the treaty.
Schmidt said securing government computers isn’t sufficient. “Protecting national networks” operated by defense contractors, utilities, banks and other critical service providers “is just as important as protecting government systems,” he said.
Ensuring that the government’s suppliers have adequate computer safeguards can be accomplished through careful purchasing, he said. When government agencies buy goods and services, they must ensure that suppliers “provide baseline security whether providing telecommunication equipment, software or hardware,” he said.
To contact the reporter on this story: Gopal Ratnam in Atlanta via firstname.lastname@example.org.
To contact the editor responsible for this story: Mark Silva at email@example.com