Federal Cyber-Cops Seek Broader Warrant Power

greenspun.com : LUSENET : Grassroots Information Coordination Center (GICC) : One Thread

Federal Cyber-Cops Seek Broader Warrant Power

WASHINGTON (APBnews.com) -- Federal agents need one-stop shopping for subpoenas and warrants when they investigate cybercrime, according to the Justice Department's second in command.

Deputy Attorney General Eric Holder told a Senate subcommittee Wednesday that since criminals armed with computers can operate from any location, the time-consuming process of getting separate subpoenas no longer works.

"For example, under current law we may have to obtain court orders in multiple jurisdictions to trace a single communication," Holder said. "Obtaining court orders in multiple jurisdictions does not advance any reasonable privacy safeguard, yet it can be a substantial impediment to a fast-paced investigation."

However, the pursuit of computer criminals does not mean doing away with personal privacy safeguards, he said.

"While we believe changes in federal law may be necessary to address these challenges, we also want to emphasize that any such legislation should be tailored to address the challenges we face and should avoid unnecessary infringement on personal privacy," Holder said.

A lag in the law?

He said technological advances in computers and networking have outstripped current laws to deal with cyber-criminals, who are often hundreds -- if not thousands -- of miles from crime scenes.

"Deterring and punishing computer criminals requires a legal structure that will support detection and successful prosecution of offenders. Yet the laws defining computer offenses and the legal tools needed to investigate criminals using the Internet can lag behind technological and social changes, creating legal challenges to law enforcement agencies," Holder said.

His testimony, along with other witnesses', was made to the Senate Commerce, Science and Transportation Committee's Subcommittee on Communications. Legislators have been holding hearings to address concerns raised by the hacker attacks in early February on popular Web sites such as Yahoo, Amazon.com and eBay.

Holder addressed the current investigation into those denial-of-service attacks, which is ongoing.

Computer crime investigators in a number of FBI field offices and other federal agencies are coordinating information with the National Infrastructure Protection Center (NIPC) of the FBI, Holder said. The agents also are working closely with computer crime prosecutors who are available around the clock to provide legal advice and obtain whatever court orders are necessary.

"We are also obtaining information from victim companies and security experts, who, like many in the Internet community, condemn these recent attacks," Holder said. "We are also working closely with our counterparts in other nations."

Software 'agents'

Experts also told the committee that new technology and an increased awareness of security could do much to prevent future attacks.

Raj Reddy, a professor of computer science and robotics at Carnegie Mellon University and co-chair of the President's Information Technology Advisory Committee, called for the development of a "self-healing" Internet. That would mean using software "agents" to monitor all network traffic and validate it before it can proceed to its destination.

Reddy said the self-repair systems would be able to identify computers bombarding Web sites with packets of information and either stop the packets or limit those computers to a "fair share" of traffic.

"The work of these agents and the humans tracking network security could be helped if the new generation of routers add information packets that make it easier to detect malicious patterns of use and to track the attacks to their source," Reddy said.

Cooperation between government, business

There were also calls for greater cooperation between the public and private sectors. Holder said businesses should invest in security, share information and cooperate with government agencies where necessary.

The FBI's Michael Vatis, who directs the NIPC, said a close working relationship with the private sector is needed to battle cybercrime.

"First, most of the victims of cybercrimes are private," Vatis said. "Successful investigation and prosecution of cybercrimes depends on private victims reporting incidents to law enforcement and cooperating with the investigators."

He said that in the past, companies have been reluctant to notify the FBI when a computer crime has been committed, preferring to handle the matter internally. But that is changing.

Paul Misener, vice president for Global Public Policy at Amazon.com, echoed the comments about greater public/private cooperation.

"Amazon.com already is engaged in this sort of informal partnership," Misener said. "In addition to assisting the ongoing investigations, our technologists are working with various law enforcement personnel on the latest developments in Internet technology and techniques. We believe it would be premature, however, to formalize this partnership."

By David Noack, an APBnews.com staff writer

http://dailynews.yahoo.com/h/ao/20000309/cr/20000309020.html

-- Jen Bunker (jen@bunkergroup.com), March 10, 2000


Moderation questions? read the FAQ