Feeds

Supersleuthing BOFHs could help crack cybercrimes

MS exec: Sysadmins should gather evidence for the cops

Secure remote control for conventional and virtual desktops

LCC System administrators should be the detectives in cyber investigations, a top Microsoft security bod said.

It wasn’t helpful for cops to go blundering into companies’ networks to look for evidence in cybercrimes, because the sysadmin will know where to look for that information, said Scott Charney, VP of trustworthy computing group at MS.

“The evidence you need to investigate cybercrime is often in the hands of the private sector... and in these cases, the sysadmin becomes lead investigator in the cybercrime case,” he said.

Charney, who was previously chief of the Computer Crime and Intellectual Property Section for the US Justice Department, said that companies often didn’t want to collaborate with government investigations because they were afraid they’d have to open up their networks. But in reality, it was better for the firm’s IT staff, who know the network, to search for the evidence, he said.

In the great anonymity versus accountability debate, Charney argued that what was needed was a bit of both.

“What increasing became clear [in my career] is that you had to ask the question at one level up. Do you want anonymity or accountability in certain things on the net?” he said. “For internet banking – we want robust authentication. But if I’m engaged in certain kinds of speech I may want anonymity and society should support that anonymity.”

“The reason for anonymity is that it protects important values like free speech... and things we want to support as human rights. On the other hand, criminals do bad things so you want accountability,” he added.

Charney also said that everyone already knows what to do about cybercrime, but getting it done was the problem.

“Strategically we know what to do but tactically it’s hard,” he said. “What we need to do is harmonise national laws and build capability in countries all over the world and then you need to establish 24/7 contacts so that you can access knowledgeable people in any country at any time so that you can at least freeze the info you need before it’s gone... and then find a quick way to get that information to the agency that needs it.”

Charney was speaking at the London Conference on Cyberspace (LCC), which is hosting debates on issues like cyber security, cybercrime, the digital divide and internet freedoms. ®

Intelligent flash storage arrays

More from The Register

next story
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
You stupid BRICK! PCs running Avast AV can't handle Windows fixes
Fix issued, fingers pointed, forums in flames
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Go beyond APM with real-time IT operations analytics
How IT operations teams can harness the wealth of wire data already flowing through their environment for real-time operational intelligence.
The total economic impact of Druva inSync
Examining the ROI enterprises may realize by implementing inSync, as they look to improve backup and recovery of endpoint data in a cost-effective manner.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.