Feeds

Hacked? Call a lawyer

Feds urge security pros to call in shysters

  • alert
  • submit to reddit

Choosing a cloud hosting partner with confidence

Network administrators tasked with investigating cyber attacks on corporate networks should consider adding a potentially strange and unfamiliar tool to their defensive arsenals: the phone number of the company lawyer.

At least, that was the consensus of a panel of current and former law enforcement attorneys and corporate security heads speaking at the 2001 BNA Cybersecurity and Privacy Forum in Washington Wednesday.

"When we deal with some organizations, such as local law enforcement, we've got to make sure we have good legal advice," said Howard Schmidt, head of Microsoft's security department.

At issue: when investigating a hack attack, security professionals collect and handle evidence that may eventually become Exhibit A in a criminal case. But unlike FBI agents, computer geeks don't have the benefit of a trained federal prosecutor at each elbow, guiding them through the thicket of evidentiary law that, in theory, stands between a cyber attack and a successful prosecution.

Enter a new type of corporate in-house counsel: lawyers who help companies deal with the legal side of cyber security, an emerging niche that's particularly well suited for former prosecutors entering the private sector.

"It is a specialty, like contracts law, or deal law or real estate law," said America Online assistant general counsel Christopher Bubb, who until last month was a New Jersey cybercrime prosecutor. "It's a certain skill set and a knowledge set that's needed to participate in these investigations... It's not something that you learn in law school."

As a deputy district attorney, Bubb participated in the 1999 Melissa virus investigation that eventually identified New Jersey programmer David Smith as the author of the malicious code.That case, said Bubb, hinged on information gathered by AOL's security department, with the careful guidance of the company's legal team. "There's no dichotomy" at AOL, said Bubb. "[Lawyers are] allowed in on the decision making at the front end."

But will hands-on computer security experts pause in their pursuit of an intruder to bring company attorneys into the loop? Christopher Painter, deputy chief of the Justice Department's computer crime section, cited a recent, unscientific survey conducted by the Computer Security Institute (CSI) and the San Francisco office of the FBI, in which only 30 per cent of respondents who suffered cyber attacks said they reported the incident to company lawyers.

"System operators don't think about that," said Painter, an attorney himself. "That's not their concern."

© 2001 SecurityFocus.com, all rights reserved.

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
Why did it take antivirus giants YEARS to drill into super-scary Regin? Symantec responds...
FYI this isn't just going to target Windows, Linux and OS X fans
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described
'A degree of technical competence rarely seen'
Astro-boffins start opening universe simulation data
Got a supercomputer? Want to simulate a universe? Here you go
You stupid BRICK! PCs running Avast AV can't handle Windows fixes
Fix issued, fingers pointed, forums in flames
prev story

Whitepapers

Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
Why CIOs should rethink endpoint data protection in the age of mobility
Assessing trends in data protection, specifically with respect to mobile devices, BYOD, and remote employees.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.