FBI Places Onus on Businesses to Guard Systems

WASHINGTON (02/09/2000) - In the wake of a second day of widespread e-commerce cyber attacks, FBI officials today sent a clear signal to corporate America: businesses have a high degree of responsibility for their own systems.

The FBI right now claims it has neither suspects nor any firm leads on a motive for the denial of service hits absorbed by some of the Internet's largest players in the last 48 hours.

However, Attorney General Janet Reno said that the FBI and U.S. Department of Justice (DOJ) are assuming that the attacks are aimed at undermining the public's level of confidence in e-commerce.

The FBI, along with law enforcement officials at every level of government, are scrambling to ensure that "the Internet and e-commerce sites are a secure place to do business," Reno said.

Still the FBI used its first press conference since the attacks mainly to stress the importance of private sector responsibility in safeguarding e-commerce.

Vigilant security is crucial in protecting not only a particular company's own systems but in preventing hackers from using that company's computers to launch a (denial of service) attack, officials said.

Officials today mentioned specifically that companies should download current versions of software to thwart leading denial of service attacks such as TFN (Tribal Flood Network) and "Trinoo."

The FBI suspects that many of the attacks were launched from systems maintained by "innocent third parties" said Ron Dick, chief of the Computer Investigations and Operations Section of the National Infrastructure Protection Center.

Hackers likely had penetrated those third-party systems to insert the ingredients necessary for disrupting other e-commerce sites.

"It is therefore very important for the whole Internet community to take responsibility for their own systems to minimize these kinds of incidents," Dick said.

Given the spate of attacks under way, government officials may also be leaning more heavily on ISPs (Internet service providers) and others to maintain reliable records, should law enforcement need to gather that data for an investigation, Dick said.

ISPs often do not maintain accurate logs, Dick added.

For its part, law enforcement is struggling to maintain the level of expertise necessary to handle the escalating occurrences of cyber crime.

The Clinton Administration this week in the fiscal year 2001 budget asked that the Department of Justice get an extra US$37 million to fight Internet-related crime.

The Federal Bureau of Investigations, in Washington, is at http://www.fbi.gov/.

Join the newsletter!

Error: Please check your email address.

More about Department of JusticeDOJFBI

Show Comments
[]