Must Read: Sorry, but bringing back the Start menu won't help Windows 8

Topic: CXO

US Government leadership in cyber security lacking

Summary: I see that the US assistant secretary of the national cyber-security division of the Homeland Security Department addressed the New York City Metro InfraGard. His remarks are disturbing to me because the reflect a growing (continuing?

Richard Stiennon

By Richard Stiennon for Threat Chaos |

I see that the US assistant secretary of the national cyber-security division of the Homeland Security Department addressed the New York City Metro InfraGard. His remarks are disturbing to me because the reflect a growing (continuing?) cluelessness within the US government on cyber security matters.

A quote from the article:

"You all know our adversaries will stop at nothing to destroy the infrastructures we all work so hard to protect. ... We're all at risk, we're all responsible. and there's much more we have to do to protect our critical systems," Garcia said. "New York is the world's financial nucleus. ... As Wall Street goes, so does the rest of the economy."

Talk about spreading fear uncertainty and doubt (FUD). First off, what "adversaries" is he talking about? Cyber criminals? They certainly do not want to damage our infrastructure. Terrorists? Well if our infrastructure is so vulnerable what has stopped them from attacking it so far? Obviously something has because I do not dispute the vulnerability of our infrastructure.

While on the subject of cyber crime look what the assistant secretary has to say:

Garcia said there is a $100 billion market for cyber crime -- more than the illegal drug market.

I wish I could learn how to harness the power of a meme for marketing purposes. This particular idea, that cyber crime exceeds the drug trade, needs to be killed before it does serious damage. The very least I can do is expose the stupidity behind it. In this way my readers can identify clueless spokespeople whenever they attempt to propagate this idea.

First some history. I have blogged about this before,and here. And most recently when the CEO of McAfee used it. It all started at a security conference in Ryadh of all places. One Ms Valerie McNiven, a one time consultant to the US Treasury Department stated:

“Last year (2004) was the first year that proceeds from cyber-crime were greater than proceeds from the sale of illegal drugs, and that was, I believe, over $105 billion,”

Well, when I dig in to it I find numbers for the global drug trade in excess of $400 billion. Think of it. All of Afghanistan's economy is fueled by the drug trade. Most of Columbia likewise. To give you a sense of perspective the US Drug Enforcement Agency's budget is $42 BILLION. Imagine a Cyber Crime Division of the US with a $42 Billion budget. Is that what Mr. Garcia is angling for?

Yes, cyber crime is a serious problem. But a $100 billion problem? I think not. Yes it is growing rapidly, yes we are vulnerable. But comparing cyber crime to the illegal drug industry is foolish at best, criminally misleading at worst.

Topic: CXO

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

7 comments
Log in or register to join the discussion

  • War on Technology

    I can see a great headline coming someday; WAR ON TECHNOLOGY: US Seeks to Fight War on Technology.

    Peace and Cheers,
    mp
    markpalmer@...
    Reply Vote

  • Note that the official quoted...

    ...holds a patronage appointment, which gives us a good idea of who to blame for this state of affairs (the president is in charge and therefore takes responsibility).

    Looks like senior administration officials aren't listening to their civil service techies.
    John L. Ries
    Reply Vote

  • RE: US Government leadership in cyber security lacking

    Does it really require a whole lot of effort to keep the one most important security issue under check? People. If you remove personal email at work and filter all email content coming into secure areas and allow only hardware and software specified to be used and closely watched you would eliminate most of the problem. Hey, it is the government right? It is responsible for content that more often than not is confidential right? So eliminate Joe Dufus for watching the ball game or emailing his friends and family at work. And shut those damn cell phones and text messaging off in the buildings while you are at it. While we are at it if your are going to take that laptop home for work it had better be just for that and inform each employee that there is a key logger on the system and they are being logged! I'm sorry, I forgot we are talking about government workers. One of the toughest people in the world to fire from a job for failing to comply with rules they made.
    Start off by firing everyone in the V.A. that had the slightest hand in that compromise.
    msdead
    Reply Vote

  • RE: US Government leadership in cyber security lacking

    Thanks, Richard, for this posting. It does not surprise me that the actual cost of cybercrime is so difficult to quantify when the actual amount of cybercrime perpretrated still can't be quanitified either. The Feds have yet to develop a method of analyzing cybercrime and its impact. I know that "$100 billion" statement has been questioned numerous times. I just think if the public had a real number to wrap around as to just how prolific cybercrime was, they might support more effort to combat it.

    Felicia Donovan
    THE BLACK WIDOW AGENCY
    www.feliciadonovan.com
    www.blackwidowagency.com
    FeliciaDonovan
    Reply Vote

  • Not sure the public is needed

    The long term solution is international cooperation between law enforcement groups. That needs support of government which is ultimately "the public" but short term they could be doing more.

    -Stiennon
    RStiennon
    Reply Vote

    • A Key to Curbing CyberCrime

      While I don't disagree with you about the need for more international cooperation between law enforcement groups, in many cases, the cooperation needs to happen with corporations - particularly financial institutions who handle transactions - because no matter what, cybercrime is a business and most are in it for a profit.

      I'm encouraged by the recent collaborative efforts between NCMEC (Nat'l Center for Missing & Exploited Children) and the Financial Institutions Coalition. This is one of the first concerted efforts to nab those distributing kiddie porn via the Internet by their financial transactions. That's the kind of collaborative effort that will have far more sustainable impact.

      Felicia Donovan
      THE BLACK WIDOW AGENCY
      www.blackwidowagency.com
      FeliciaDonovan
      Reply Vote

  • RE: US Government leadership in cyber security lacking

    Yes, just one little step closer to letting the government in to
    protect us. Don't let it happen. It's good they are clueless, let
    them stay that way. There's more good in government's
    security failing than bad. When their security goes down we
    find out how truly evil they are and all the non-constitutional
    dealings they have done. When they try to protect us, they just
    harm us and hide it in their files.

    Give me my own security software any day and I'll put up with
    tons of spam just to keep the government -any government-
    out of the security business. Oh, and yes I've been on their
    black list for years, what's another bit of free speech gonna
    hurt.
    ardentangel@...
    Reply Vote
CNET Join | Log In | Privacy | Cookies Close