CybercrimeDHS to lead anti-cybercrime campaign

Published 27 February 2015

DHS is gearing up to be the leader in the White House’s campaign to stop cybercrime. President Barack Obama has called cyberspace the “wild west” and that citizens as well as the private sector are looking to the government to be the sheriff. Obama has signed an executive order to promote information sharing between the private and public sector, but many tech companies are hesitant to provide the government cyberthreat information.Under DHS’s proposal, both private companies and government agencies will submit details of previous or current cyberattacks into a shared database hosted by DHS’s National Cybersecurity and Communications Integration Center. Participating entities will then be able to tap into that database to learn about potential attacks targeted at their respective industries.

DHS is gearing up to be the leader in the White House’s campaign to stop cybercrime. President Barack Obama has called cyberspace the “wild west” and that citizens as well as the private sector are looking to the government to be the sheriff. Obama has signed an executive order to promote information sharing between the private and public sector, but many tech companies are hesitant to provide the government cyberthreat information. “We are going to have to earn their trust,” said Phyllis Schneck, deputy undersecretary for cybersecurity. “It’s my scientific belief that there will be a benefit in getting our data, and you don’t have to give anything at first in order to get it. It’s voluntary. I think the companies will see that.”

Under DHS’s proposal, both private companies and government agencies will submit details of previous or current cyberattacks into a shared database hosted by DHS’s National Cybersecurity and Communications Integration Center. Participating entities will then be able to tap into that database to learn about potential attacks targeted at their respective industries. “We have to do the one thing the adversary can’t. And that is connect all the dots — from what the private sector sees, what we in government see, and put it together and make it available to every computer on the planet that needs to be protected,” said Schneck.

Top financial firms already participate in a private initiative to prevent industry-targeted cyberattacks. John South, chief security officer at Heartland Payment Systems, said other industries are far behind. He noted that hackers do not have to be innovative- they simply take an attack, and replicate it. “If they work fast enough, they can get these pieces of malware into an operation fairly quickly,” South said.

National Public Radio reports that most banking and healthcare firms are required to report some data breaches to regulators, but DHS wants more public and private entities to share detailed threat information including specific lines of malware and the unique IP addresses of attacking computers. “You picture two tin cans and a string. We just want everyone to have the same string and the same type of can,” Schneck said.