[Infowarrior] - Europe poised to bolster Web shield

[Richard Forno]

 Europe poised to bolster Web shield
By Doreen Carvajal
Sunday, March 30, 2008

http://www.iht.com/bin/printfriendly.php?id=11530880

PARIS: Nearly a year after Estonia weathered an onslaught of cyberattacks,
its name has become a rallying cry for countries pressing to strengthen
global cooperation between governments and private Internet service
providers to combat computer crime. But some privacy advocates and computer
experts remain wary of such efforts.

On Tuesday, the Council of Europe plans to introduce guidelines to aid
computer crime investigators, building on a cybercrime treaty that has been
signed by 43 nations, including the United States. A controversial proposal
would require service providers to give the authorities a list of the types
of information that they could offer.

On Wednesday, NATO will present a strategy for countering computer attacks
at a meeting for heads of state in Bucharest, with a proposal to create a
central cyberdefense authority.

"The attacks on Estonia - directed at services on which Estonian citizens
rely - could happen anywhere," said James Appathurai, a NATO spokesman. "The
only way to defend against them is through multinational, multilateral
cooperation."

That kind of military talk concerns privacy advocates and computer experts,
who fear that private companies will be pressed into service to police users
as part of these strategies.

"One of the great consequences of all of this is that an agenda is created
for a society that is under surveillance," said Peter Sommers, a senior
research fellow at the London School of Economics and author of "The
Hacker's Handbook," written under the pseudonym Hugo Cornwall. "And in the
panic, we lose the quality of control."

Sommers added, "You can talk yourself into the threat of terrorism or
cyberterrorism that has no relationship to the actual risk you face."

At the Bucharest summit meeting, the NATO authorities will seek final
approval for a plan to emphasize international cyberdefense training
programs, an information alert system and the development of a central
authority to coordinate cyberdefense.

The civilian and military authorities in Estonia are rushing to complete a
NATO center for digital defense in the capital, Tallinn. The center, in an
old military barracks, is designed to be an international academy that
brings together experts from Western countries to analyze cyberthreats and
develop counterstrategies.

The United States, Germany, Italy and Spain have signaled that they will
take part in the center under an accord that is expected to be signed in
May. About 50 technicians and scientists will be recruited to work on
strategies for detecting and foiling attacks.

"Today it is quite easy to organize these attacks, and these criminals know
very well that there are not enough regulations and not enough laws," said
Estonia's foreign minister, Urmas Paet, who lobbied for an international
center in his country and more cooperation. "It's difficult to investigate
and also to punish."

Estonia is also participating in the Council of Europe's cybercrime
conference, contributing €50,000, or $79,000, to finance cybercrime training
programs along with Microsoft, which has donated $560,000.

The Council of Europe, where 47 member nations work to promote human rights,
is urging more countries to sign its cybercrime convention. It was the first
international treaty to define cybercrimes from child pornography to
computer fraud and network security violation.

The council is now trying to raise public and private cooperation with
guidelines for investigators to make information requests to a 24-hour
emergency contact network of service providers to obtain quick, efficient
responses from them.

Margus Kolga, director general of security policy for the Estonian Ministry
of Foreign Affairs, said the guidelines were essential because current
relations between law enforcement and service providers were based on
informal ties.

Kolga said that when Estonia came under attack last spring, most Internet
service providers cooperated with local investigators, but there were
exceptions, notably from ISPs in Russia, the suspected origin of the
cyberattacks. The help of private companies is vital, Kolga said, because
"criminals use certain channels to do things."

"And through cooperation with the ISPs, those channels can be blocked and
the information flow can be redirected," Kolga said. "And then it's possible
to keep things operating."

They can also help, he noted, in the most difficult part of an investigation
by providing information that may identify anonymous hands on a keyboard.

Experts say one of their most difficult tasks remains the determination of
whether they are looking for the handiwork of a hacker, a national
government, a company or a mix of all three.

The ISPs have not raised major objections to the guidelines, but there are a
few controversial proposals that they expect will be eliminated during the
council's conference, said Michael Rotert, a vice president of EuroISPA, a
trade organization for the largest Internet providers in Europe.

"These guidelines will give a certain set framework that can be applied
without interfering with national laws such as a 24/7 hotline," Rotert said,
adding that the companies opposed direct interference, like Scotland Yard
investigators in Britain calling a German company with a demand for
information.

Rotert said he expected at least one proposal to be deleted at the
conference. "They want the service providers to tell them what data is
available," he said. "That should be the other way around."

Marco Gerke, who led a working group of 25 computer experts that devised the
guidelines over the last six months, said the framework was designed to set
up a format of standard, written requests to help overcome the often uneasy
relationship between investigators and service providers.

"Cooperation between law enforcement and ISPs is very difficult," he said.
"Law enforcement has a view of what they want to get, but by the book
they're not allowed to get it. So this can lead to conflicts for a service
provider that wants to protect the rights of the customers."

Paet, the foreign minister of Estonia, said he hoped that more countries
would support the various international agreements to create "a legal,
concrete framework." But it may not improve matters in the long term with
Russia, which, along with nations like Georgia, Turkey and Liechtenstein,
has not signed the Council of Europe's cybercrime treaty.