[Infowarrior] - GAO Report on Cybercrime Challenges
Richard Forno
rforno at infowarrior.org
Tue Jul 24 12:05:57 UTC 2007
Public and Private Entities Face Challenges in Addressing Cyber Threats
http://www.gao.gov/new.items/d07705.pdf
Summary
Cybercrime has significant economic impacts and threatens U.S. national
security interests. Various studies and experts estimate the direct economic
impact from cybercrime to be in the billions of dollars annually. The annual
loss due to computer crime was estimated to be $67.2 billion for U.S.
organizations, according to a 2005 Federal Bureau of Investigation (FBI)
survey. In addition, there is continued concern about the threat that our
adversaries, including nation-states and terrorists, pose to our national
security. For example, intelligence officials have stated that nation-states
and terrorists could conduct a coordinated cyber attack to seriously disrupt
electric power distribution, air traffic control, and financial sectors.
Also, according to FBI testimony, terrorist organizations have used
cybercrime to raise money to fund their activities. Despite the estimated
loss of money and information and known threats from adversaries, the
precise impact of cybercrime is unknown because it is not always detected
and reported (cybercrime reporting is discussed further in GAO¹s challenges
section).
Numerous public and private entities have responsibilities to protect
against, detect, investigate, and prosecute cybercrime. The Departments of
Justice, Homeland Security, and Defense, and the Federal Trade Commission
have prominent roles in addressing cybercrime within the federal government,
and state and local law enforcement entities play similar roles at their
levels. Private entities such as Internet service providers and software
developers focus on the development and implementation of technology systems
to detect and protect against cybercrime, as well as gather evidence for
investigations. In addition, numerous cybercrime partnerships have been
established between public sector entities, between public and private
sector entities, and internationally, including information-sharing efforts.
Entities face a number of key challenges in addressing cybercrime, including
reporting cybercrime and ensuring that there are adequate analytical
capabilities to support law enforcement (see table). While public and
private entities, partnerships, and tasks forces have initiated efforts to
address these challenges, federal agencies can take additional action to
help ensure adequate law enforcement capabilities.
What GAO Found Why GAO Did This Study Computer interconnectivity has
produced enormous benefits but has also enabled criminal activity that
exploits this interconnectivity for financial gain and other malicious
purposes, such as Internet fraud, child exploitation, identity theft, and
terrorism. Efforts to address cybercrime include activities associated with
protecting networks and information, detecting criminal activity,
investigating crime, and prosecuting criminals.
GAO¹s objectives were to (1) determine the impact of cybercrime
on our nation¹s economy and security; (2) describe key federal entities, as
well as nonfederal and private sector entities, responsible for addressing
cybercrime; and (3) determine challenges being faced in addressing
cybercrime. To accomplish these objectives, GAO analyzed multiple reports,
studies, and surveys and held interviews with public and private officials.
What GAO Recommends GAO recommends that the Attorney General and the
Secretary of Homeland Security help ensure adequate law enforcement
analytical and technical capabilities. In written comments on a draft of
this report, the FBI and the U.S. Secret Service noted efforts to assess and
enhance these capabilities.
http://www.gao.gov/new.items/d07705.pdf
More information about the Infowarrior
mailing list