Recently, President Obama issued an executive order to address cyberspying and other maliciously intended cyber activities conducted by hackers and spies in foreign countries. The order will assess penalties for overseas cyberspying and those that knowingly benefit from the act. In an email message to me, Greg Foss, senior security researcher with LogRhythm, called it an “interesting move,” adding:
This is primarily because attribution within the information security space is not nearly as easy as it sounds. It is trivial for hackers to pivot through other countries and misplace blame in order to create the illusion that an attack originated from a specific location. Malware can and will be created that contains false data, to shift culpability.
ESET Senior Security Researcher Stephen Cobb told me that they applaud the order as a way of addressing and improving cybercrime deterrence:
Many companies in the U.S. are spending a lot of money to improve their IT security and the security awareness of their employees in response to the seemingly relentless tide of cybercrime, but it is clear that these private sector efforts alone will not solve the cybercrime problem. Coordinated government action, both nationally and internationally, is urgently needed to attack those elements of the global cybercrime infrastructure that only persist due to the complicity of corrupt officials and unscrupulous businesses that turn a blind eye to cybercrime.
Hackers are shrugging off the executive order as just another security annoyance to conquer. But a recent study by ThreatTrack Security shows that some security and IT folks would be willing to bypass penalties and work with the hackers if it meant getting their stolen data back. Thirty percent of those surveyed admitted that they would broker a deal for the returned access to their data. And even if you are in that 70 percent who wouldn’t stoop to extortion, your peers think that you are—86 percent stated that they believe other companies have negotiated with cybercriminals.
The study also showed that security professionals want some government involvement in cybercrime and extortion, with 38 percent wanting to see policies put in place to better protect them and 44 percent saying the government should be given access to investigate reports of extortion.
To some extent, the new executive order should address those concerns.
Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom's Guide. You can reach Sue via Twitter: @sueporemba