WASHINGTON (03/09/2000) - The U.S. Department of Justice last week asked for more money to catch crackers, a request that drew support from one Web business that has firsthand knowledge of the government's needs.
Paul Misener, a vice president at Seattle-based Amazon.com Inc., said the Internet retailer's information technology staff has been working with federal investigators to bring them up-to-date on Internet technologies and on ways to better preserve digital evidence.
"Perhaps there have been things that have caused us to believe that better preservation techniques could be used" by law enforcers, Misener said. He told a congressional subcommittee two weeks ago that investigators need "continuous training in the latest digital forensic techniques."
Justice Department officials said they're pursuing hundreds of leads in the recent denial-of-service attacks on Amazon.com, eBay Inc., Yahoo Inc. and others. "We are making progress," Deputy Attorney General Eric Holder said at the hearing.
But Justice Department officials say more money and legal changes are needed to track down people who attack Web sites.
For instance, when a cracker breaks into a system, the attack may travel a serpentine route through multiple servers and carriers located in numerous states. But when police and federal agents attempt to trace such an attack, they must apply for court orders in each jurisdiction.
Nationwide Court Order
The ability to get one court order for a national trace "would make a tremendous difference in the conduct of this case," said Martha Stansell-Gramm, chief of the computer crime and intellectual property section at the Justice Department.
Sen. Jon Kyl, a Republican from Arizona, and Sen. Charles Schumer, a Democrat from New York, recently introduced a bill that would allow investigators to completely trace an online communication without seeking permission from each state.
But there is some disagreement on the need for new laws. The high-tech lobby is wary of any new security laws for fear they could bring unwanted government regulation. And some members of Congress feel the private sector should be doing more to protect itself.
The government is pushing for improved cooperation between the public and private sectors in sharing information. And cooperation is improving, said David Noznesky, director of corporate security at FPO Group Inc., the parent company of Florida Power & Light Co. in Juno Beach, Fla.
"The private sector is hungry for information regarding the estimate of what the emerging threats are and the changing vulnerabilities," Noznesky said.
"There is a desire on both sides to improve that exchange, and it is occurring," he added.