dcsimg
 
 

FBI: Companies Need to Report Cyber Attacks

By Scott Ferguson  |  Posted 2006-10-24 Email Print this article Print
 
 
 
 
 
 

An assistant director of the FBI's New York City bureau tells IT security professionals that more needs to be done to report hacking and other cyber-crimes.

NEW YORK—Companies should do more to report cyber-crimes such as hacking and phishing to help federal authorities investigate and ensure that additional data isn't compromised beyond initial attacks, a high-ranking FBI official said.

"A huge issue for us is the underreporting of successful or almost successful hacking," Special Agent Mark Mershin, the assistant director-in-charge of the FBI's New York City Office, told a crowd gathered here at the Infosecurity Conference and Exhibition on Oct. 24.

A 30-year FBI veteran, Mershin was appointed to his current position at the bureau's largest field office in May 2005. The expert spoke for a little more than an hour in a keynote address about the three most important issues facing the agency each day: counterterrorism, counterintelligence and cyber-crimes.

After talking to the audience about the FBI's mission and expanding duties, Mershin turned to the agency's role in preventing and investigating cyber-crimes, especially those that target enterprises and other businesses.

Click here to read more about the Department of Homeland Security's new cyber-crimes czar.

Each month, the FBI's Internet Crimes Complaint Center receives about 18,000 complaints about some sort of cyber-crime.

Some of the most consistent problems the bureau has seen in the last few years is the number of fraudulent Web sites that have been set up to look like legitimate sites for charities, especially those involving the Asian tsunami and Hurricane Katrina, he said.

The omnipresent Nigerian identity theft scam also remains one of the most successful of all cyber-crimes, much to the frustration of the FBI, Mershin said.

However, the agency is troubled by a pattern of behavior among corporations and businesses who are not consistently reporting when their infrastructure has been hacked, or even when their companies have become the unsuccessful target of hackers and other cyber-crooks.

Most companies, Mershin said, worry about the bottom line and feel any publicity or investigation into a cyber-crime will hurt profits.

"There is a concern that adverse publicity, the loss of good will and income" will have a bigger impact on the company than the actual crime, Mershin said.

Read the full story on eWEEK.com: FBI: Companies Need to Report Cyber Attacks.



 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
eWeek eWeek

Have the latest technology news and resources emailed to you everyday.

By submitting your information, you agree that baselinemag.com may send you Baselinemag offers via email, phone and text message, as well as email offers about other products and services that Baselinemag believes may be of interest to you. Baselinemag will process your information in accordance with the Quinstreet Privacy Policy.

Click for a full list of Newsletterssubmit