Nations seek swift response to cyberattacks

Featured eBooks
Law Enforcement Tech
Read Now

AI in the Workplace

Read Now

CX in Action

Read Now
By Diane Frank

By Diane Frank

|

Experts tell Congress that policies and procedures are needed to govern the sharing of cyberattack information internationally

Many problems have occurred in sharing cyberattack information quickly and

accurately within the U.S. government, and the problems multiply in the

international arena, experts told Congress Wednesday.

"We are increasingly finding that our investigations lead us to foreign

countries where we have to seek the assistance of local law enforcement,"

said Michael Vatis, director of the National Infrastructure Protection Center,

testifying before the House Government Management, Information and Technology

Subcommittee.

"We have made a great deal of progress improving cooperation with local

law enforcement communities, but there is a long way to go," he said. "We're

going to need more cooperation with countries we haven't traditionally dealt

with."

The biggest problem is the slow rate at which information is shared because

of a lack of consistent international policy, laws and technology, said

Ohad Genis, advocate and chief inspector at the Israel Police's National

Unit for Fraud Investigations, which has jurisdiction over national and

international cybercrime.

"What is needed is the establishment of a central organization that will

handle all requests for international assistance with online access," Genis

said.

At times, those problems can cause delays that hamper investigations and

wind up harming the systems people are trying to protect, said Richard Schaeffer,

director of infrastructure and information assurance at the Office of the

Assistant Secretary of Defense for Command, Control, Communication and Intelligence.

"Today, it takes us, at best, hours to transition from detection to warning — at worst, this could be days — and the attacks are executed in milliseconds,"

he said. "We must develop the technology, capabilities, processes and legal

framework to respond to cyberevents in real time."

Organizations such as Interpol have the structure in place to facilitate

information sharing between countries, but a common basis of legislation,

policy and procedures is still needed, said Edgar Adamson, chief of Interpol's

U.S. National Central Bureau.

NEXT STORY: Check cookies, help FirstGov, get a life