Tag Archives: Government

BlackBerry Awarded “Authority to Operate” on U.S. Department of Defense Networks


BlackBerry has announced today that the US Defense Information System Agency (DISA) has given both the BlackBerry Z10 and Q10 the Authority to Operate (ATO) on the Department of Defense (DoD) networks, making BlackBerry the first Mobile Device Management (MDM) provider to obtain an ATO. With the ATO, the DISA is prepping to support 10,000 BB10 devices by the fall and over 30,000 by the end of 2013.

Press Release below:

BlackBerry Awarded “Authority to Operate” on U.S. Department of Defense Networks

DISA deploying BlackBerry Enterprise Service 10 to support BlackBerry 10 smartphones on DoD networks

WATERLOO, ONTARIO–(Marketwired – August 08, 2013) – BlackBerry® (NASDAQ: BBRY)(TSX: BB) today announced the U.S. Defense Information System Agency (DISA) has given BlackBerry® Z10 and BlackBerry® Q10 smartphones with BlackBerry® Enterprise Service 10, the Authority to Operate (ATO) on Department of Defense (DoD) networks. BlackBerry is the first Mobile Device Management (MDM) provider to obtain an ATO.

With the ATO, DISA is now developing the infrastructure to support BlackBerry 10 smartphones. DISA is architecting the capacity to support 10,000 BlackBerry 10 smartphones by this fall and 30,000 by the end of 2013 on DoD networks.

“Being the first smartphones to be supported on U.S. Department of Defense networks further establishes BlackBerry’s proven and validated security model,” said Scott Totzke, SVP, BlackBerry Security Group at BlackBerry. “With foreign entities – governmental and criminal – ramping up attacks on electronic communications and information systems, BlackBerry provides government agencies with a proven partner that follows top-to-bottom security protocols.”

Receiving the ATO is a critical step forward in the security certification process. The approval demonstrates that BlackBerry 10 smartphones meet DoD’s most stringent security requirements. BlackBerry 10 smartphones will enable DoD personnel to have the ability to securely connect to networks and access assets from work. The BlackBerry mobile infrastructure provides a highly responsive, intelligent and intuitive mobile computing experience while ensuring the personal and the corporate information on a user’s phone are kept separate and safe.

For more information about BlackBerry 10, please visit: http://www.blackberry.com/BB10.

Source: CrackBerry, Yahoo Finance

Secrets of FBI Smartphone Surveillance Tool Revealed in Court Fight


A legal fight over the government’s use of a secret surveillance tool has provided new insight into how the controversial tool works and the extent to which Verizon Wireless aided federal agents in using it to track a suspect.

Court documents in a case involving accused identity thief Daniel David Rigmaiden describe how the wireless provider reached out remotely to reprogram an air card the suspect was using in order to make it communicate with the government’s surveillance tool so that he could be located.

Rigmaiden, who is accused of being the ringleader of a $4 million tax fraud operation, asserts in court documents that in July 2008 Verizon surreptitiously reprogrammed his air card to make it respond to incoming voice calls from the FBI and also reconfigured it so that it would connect to a fake cell site, or stingray, that the FBI was using to track his location.

Air cards are devices that plug into a computer and use the wireless cellular networks of phone providers to connect the computer to the internet. The devices are not phones and therefore don’t have the ability to receive incoming calls, but in this case Rigmaiden asserts that Verizon reconfigured his air card to respond to surreptitious voice calls from a landline controlled by the FBI.

The FBI calls, which contacted the air card silently in the background, operated as pings to force the air card into revealing its location.

In order to do this, Verizon reprogrammed the device so that when an incoming voice call arrived, the card would disconnect from any legitimate cell tower to which it was already connected, and send real-time cell-site location data to Verizon, which forwarded the data to the FBI. This allowed the FBI to position its stingray in the neighborhood where Rigmaiden resided. The stingray then “broadcast a very strong signal” to force the air card into connecting to it, instead of reconnecting to a legitimate cell tower, so that agents could then triangulate signals coming from the air card and zoom in on Rigmaiden’s location.

To make sure the air card connected to the FBI’s simulator, Rigmaiden says that Verizon altered his air card’s Preferred Roaming List so that it would accept the FBI’s stingray as a legitimate cell site and not a rogue site, and also changed a data table on the air card designating the priority of cell sites so that the FBI’s fake site was at the top of the list.

Rigmaiden makes the assertions in a 369-page document he filed in support of a motion to suppress evidence gathered through the stingray. Rigmaiden collected information about how the stingray worked from documents obtained from the government, as well as from records obtained through FOIA requests filed by civil liberties groups and from open-source literature.

During a hearing in a US District Court in Arizona on March 28 to discuss the motion, the government did not dispute Rigmaiden’s assertions about Verizon’s activities.

The actions described by Rigmaiden are much more intrusive than previously known information about how the government uses stingrays, which are generally employed for tracking cell phones and are widely used in drug and other criminal investigations.

The government has long asserted that it doesn’t need to obtain a probable-cause warrant to use the devices because they don’t collect the content of phone calls and text messages and operate like pen-registers and trap-and-traces, collecting the equivalent of header information.

The government has conceded, however, that it needed a warrant in his case alone — because the stingray reached into his apartment remotely to locate the air card — and that the activities performed by Verizon and the FBI to locate Rigmaiden were all authorized by a court order signed by a magistrate.

The Electronic Frontier Foundation and the American Civil Liberties Union of Northern California, who have filed an amicus brief in support of Rigmaiden’s motion, maintain that the order does not qualify as a warrant and that the government withheld crucial information from the magistrate — such as identifying that the tracking device they planned to use was a stingray and that its use involved intrusive measures — thus preventing the court from properly fulfilling its oversight function.

“It shows you just how crazy the technology is, and [supports] all the more the need to explain to the court what they are doing,” says EFF Staff Attorney Hanni Fakhoury. “This is more than just [saying to Verizon] give us some records that you have sitting on your server. This is reconfiguring and changing the characteristics of the [suspect’s] property, without informing the judge what’s going on.”

The secretive technology, generically known as a stingray or IMSI catcher, allows law enforcement agents to spoof a legitimate cell tower in order to trick nearby mobile phones and other wireless communication devices like air cards into connecting to the stingray instead of a phone carrier’s legitimate tower.

When devices connect, stingrays can see and record their unique ID numbers and traffic data, as well as information that points to the device’s location.

By moving the stingray around and gathering the wireless device’s signal strength from various locations in a neighborhood, authorities can pinpoint where the device is being used with much more precision than they can get through data obtained from a mobile network provider’s fixed tower location.

Use of the spy technology goes back at least 20 years. In a 2009 Utah case, an FBI agent described using a cell site emulator more than 300 times over a decade and indicated that they were used on a daily basis by U.S. Marshals, the Secret Service and other federal agencies.

The FBI used a similar device to track former hacker Kevin Mitnick in 1994, though the version used in that case was much more primitive and passive.

A 1996 Wired story about the Mitnick case called the device a Triggerfish and described it as “a technician’s device normally used for testing cell phones.” According to the story, the Triggerfish was “a rectangular box of electronics about a half a meter high controlled by a PowerBook” that was essentially “a five-channel receiver, able to monitor both sides of a conversation simultaneously.” The crude technology was hauled around in a station wagon and van. A black coaxial cable was strung out of the vehicle’s window to connect the Triggerfish to a direction-finding antenna on the vehicle’s roof, which had four antenna prongs that reached 30 centimeters into the sky.

The technology has become much sleeker and less obtrusive since then, but still operates under the same principles.

In Rigmaiden’s case, agents apparently used two devices made by a Florida-based company called Harris. One was the company’s StingRay system, which is designed to work from a vehicle driven around a neighborhood to narrow a suspect’s location to a building. Once agents tracked the signals from Rigmaiden’s air card to the Domicilio Apartments complex in Santa Clara, California, they apparently used another device made by Harris called the KingFish — a handheld system that allowed them to walk through the complex and zero in on Rigmaiden’s air card in apartment 1122.

Although a number of companies make stingrays, including Verint, View Systems, Altron, NeoSoft, MMI, Ability, and Meganet, the Harris line of cell site emulators are the only ones that are compatible with CDMA2000-based devices. Others can track GSM/UMTS-based communications, but the Harris emulators can track CDMA2000, GSM and iDEN devices, as well as UMTS. The Harris StingRay and KingFish devices can also support three different communication standards simultaneously, without having to be reconfigured.

Rigmaiden was arrested in 2008 on charges that he was the mastermind behind an operation that involved stealing more than $4 million in refunds from the IRS by filing fraudulent tax returns. He and others are accused of using numerous fake IDs to open internet and phone accounts and using more than 175 different IP addresses around the United States to file the fake returns, which were often filed in bulk as if through an automated process. Rigmaiden has been charged with 35 counts of wire fraud, 35 counts of identity theft, one count of unauthorized computer access and two counts of mail fraud.


The surveillance of Rigmaiden began in June 2008 when agents served Verizon with a grand jury subpoena asking for data on three IP addresses that were allegedly used to electronically file some of the fraudulent tax returns. Verizon reported back that the three IP addresses were linked to an air card account registered in the name of Travis Rupard — an identity that Rigmaiden allegedly stole. The air card was identified as a UTStarcom PC5740 device that was assigned a San Francisco Bay Area phone number.

A court order was then submitted to Verizon Wireless requiring the company to provide historical cell site data on the account for the previous 30 days to determine what cell towers the air card had contacted and determine its general location. Verizon responded by supplying the government with information that included the latitude and longitude coordinates for five cell sites in San Jose and Santa Clara cities, in the heart of Silicon Valley.

In July, the government served Verizon Wireless with another court order directing the company to assist the FBI in the use and monitoring of a mobile tracking device to locate an unidentified suspect. The order directed Verizon Wireless to provide the FBI with any “technical assistance needed to ascertain the physical location of the [air card]….”

The government has fought hard to suppress information on how it uses stingrays, but in his motion to suppress, Rigmaiden lays out in great detail how the surveillance occurred and the nature of the technical assistance Verizon provided the FBI.

On the morning of July 14, 2008, FBI Agent Killigrew created a cell tower range chart/map consisting of a street map, plotted Verizon Wireless cell site sectors belonging to cell site Nos. 268, 139, and 279, and a triangulated aircard location signature estimate represented by a shaded area. On the chart/map, the total land area collectively covered by cell site Nos. 268, 139, and 279 is approximately 105,789,264 ft². FBI Agent Killigrew used triangulation techniques and location signature techniques to eliminate 93.9% of that 105,789,264 ft² area resulting in the location estimate being reduced to 6,412,224 ft² represented by the shaded area. The shaded area on the cell tower range chart covers the location of apartment No. 1122 at the Domicilio apartment complex.

On July 15, agents with the FBI, IRS and US Postal Service flew to San Jose to triangulate Rigmaiden’s location using the stingray. They worked with technical agents from the San Francisco FBI’s Wireless Intercept and Tracking Team to conduct the real-time tracking.

According to Rigmaiden, the agents drove around the cell site areas gathering information about signal range and radio frequencies for each cell site sector. “The radio frequency information was needed so that the FBI technical agents could properly configure their StingRay and KingFish for use in cell site emulator mode,” Rigmaiden writes. “By referencing a list of all the radio frequencies already in use, the FBI was able to choose an unused frequency for use by its emulated cellular network that would not interfere with the various FCC licensed cellular networks already operating in the noted area.”

The next day, Verizon Wireless surreptitiously reprogrammed Rigmaiden’s air card so that it would recognize the FBI’s stingray as a legitimate cell site and connect to it “prior to attempting connections with actual Verizon Wireless cell sites.” The FBI needed Verizon to reprogram the device because it otherwise was configured to reject rogue, unauthorized cell sites, Rigmaiden notes.

On July 16, the FBI placed 32 voice calls to the air card between 11am and 5pm. Each time the air card was notified that a call was coming in, it dropped its data connection and went into idle mode. At the same time, it sent real-time cell site location information to Verizon, which forwarded the information to the FBI’s DCS-3000 servers, part of the elaborate digital collection system the FBI operates for wiretapping and pen-registers and trap-and-traces. From the FBI’s servers, the location data was transmitted wirelessly through a VPN to the FBI’s technical agents “lurking in the streets of Santa Clara” with the StingRay.


A stingray, made by Harris Corp. Image: U.S. Patent and Trademark Office

At this point, the StingRay took over and began to broadcast its signal to force the air card — and any other wireless devices in the area — to connect to it, so that agents could zoom in on Rigmaiden’s location.

“Because the defendant attempted to keep his aircard continuously connected to the Internet, the FBI only had a very short window of time to force the aircard to handoff its signal to the StingRay after each surreptitious voice call [and] the FBI needed to repeatedly call the aircard in order to repeatedly boot it offline over the six hours of surreptitious phone calls,” Rigmaiden writes. “Each few minute window of time that followed each denial-of-service attack (i.e., surreptitious phone call) was used by the FBI to move its StingRay, while in cell site emulator mode, to various positions until it was close enough to the aircard to force an Idle State Route Update (i.e., handoff).”

Rigmaiden maintains that once the connection was made, the StingRay wrote data to the air card to extend the connection and also began to “interrogate” the air card to get it to broadcast its location. The FBI used the Harris AmberJack antenna to deliver highly-directional precision signals to the device, and moved the StingRay around to various locations in order to triangulate the precise location of the air card inside the Domicilio Apartments complex.

According to Rigmaiden, agents also transmitted Reverse Power Control bits to his air card to get it to transmit its signals at “a higher power than it would have normally transmitted if it were accessing cellular service through an actual Verizon Wireless cell site.”

Once agents had tracked the device to the Domicilio Apartments complex, they switched out the StingRay for the handheld KingFish device to locate Rigmaiden’s apartment within the complex.

Around 1am on July 17, an FBI agent sent a text message to another FBI agent stating, “[w]e are down to an apt complex….” By 2:42 am, one of the FBI technical agents sent a text message to someone stating that they had “[f]ound the card” and that agents were “working on a plan for arrest.”

Agents still didn’t know who was in the apartment — since Rigmaiden had used an assumed identity to lease the unit — but they were able to stake out the apartment complex and engage in more traditional investigative techniques to gather more intelligence about who lived in unit 1122. On August 3, while the apartment was still under surveillance, Rigmaiden left the unit. Agents followed him a short distance until Rigmaiden caught on that he was being followed. After a brief foot chase, he was arrested.

Rigmaiden and the American Civil Liberties Union and Electronic Frontier Foundation have argued that the government did not obtain a legitimate warrant to conduct the intrusive surveillance through the stingray. They say it’s indicative of how the government has used stingrays in other cases without proper disclosure to judges about how they work, and have asked the court to suppress evidence gathered through the use of the device.

U.S. District Court Judge David Campbell is expected to rule on the motion to suppress within a few weeks.

Source: Wired

Homeland Security Approves Their Right To Search and Seize Your Electronics Without Suspicion

Four years ago, Agnieszka Gaczkowska, a 29-year-old doctor and entrepreneur from Poland, was travelling through Detroit’s airport on her way to Boston when her bag was selected for random inspection.  The inspection officer asked her if she had any documents with her. Exhausted after a long journey, she replied that she did not, forgetting that she had put a few outstanding bills in one of her textbooks.

Suddenly, she found herself in serious trouble. The inspection officer found the bills and accused her of “lying to a federal officer.” They held her for two hours as she was interrogated about the details of her life. The officer ordered her to turn her phone on, and then proceeded to read her e-mails, texts, and Facebook messages without her permission.  She was shocked. Eventually, Gaczkowska was released, but she wondered if this was a common practice.

As it turns out – it is; thousands of people every year face a similar situation.  Our government agencies have allowed themselves the right to search and seize your electronic devices with stunning impunity.

Just two weeks ago, the Department of Homeland Security quietly released a strangely worded document reaffirming their own right to search and seize your electronics without suspicion or cause, anywhere along the United States border (which they define as 100 miles in from the border – an area twice as long as Rhode Island). In reality, this is nothing new; Homeland Security has been doing this since at least 2009. That’s when Secretary Napolitano put her stamp on the Bush-era practice, and promised an impact assessment within 120 days. Over two years later, it’s finally here, and it is nothing more than a poorly written press release.

Having a government official force their way into your laptop is fundamentally different from having them inspect your suitcase.  Our hard drives contain personal correspondence, intimate details, deep logs of our activities, and sensitive financial or medical information.  Yet we still give this less legal privacy protection than a sealed envelope with a stamp on it.

For now, the business community has figured out a way around having the government search and confiscate devices with company secrets – give their employees blank laptops, and put the important information in the cloud. This subject is much bigger than how Homeland Security does its job. There is a deeper issue here that is not going away any time soon: our electronics, and the data they hold, have become extensions of who we are.

The Fourth Amendment of the Constitution already provides us with protection against unreasonable search and seizures for people in their “persons, houses, papers, and effects” – is it time that we add “data” to this list?

The way in which we go about answering this question will have enormous ramifications for our entire legal system. Courts around the country are struggling to decide how to balance security with privacy.  From school to the workplace, this question is popping up in different ways almost every day.

In the meantime, the government has accelerated their pursuit of our digital breadcrumbs. In 2011, mobile companies received a staggering 1.3 million law enforcement requests for data, including text messages and location information. It has been over 25 years since Ronald Reagan signed sweeping digital privacy protections into law. In today’s world of cloud computing and ubiquitous screens, these protections are horribly inadequate. We should not have to continue to rely on protections passed in an age where the Internet was a military project and the personal computer was just becoming a common thing.

Eventually, the Supreme Court will have to step in to settle the issue, and they are not exactly known for their technological expertise.  It might not be long before we are asked at the airport whether we packed our own devices, if we were asked to bring anyone else’s files, and if we know if anyone has placed any data on our devices without our knowledge.  At least then, it might seem polite; for now, they don’t even have to bother with the questions.

Source: Forbes

Car-to-Car Communication Put At Risk By FCC Wi-Fi Proposal

Technologies being developed to aid in communications between cars may be affected by the Federal Communications Commission’s plan to increase Wi-Fi spectrum.

Bands reserved since 1999 for car-to-car communication may become collateral damage in the FCC’s search for more wireless spectrum, potentially putting the future of self-driving vehicles at risk.

A letter from automotive trade associations has been sent to FCC Chairman Julius Genachowski in protest of the plans, reports Bloomberg. Parallels were drawn with the LightSquared wireless broadband network proposal, which was at first approved by the FCC, before it was discovered that the signals affected GPS equipment. By opening nearby spectrum to other devices, the possibility of crosstalk or interference with the allocated-to-automotive bands could effectively cause an accident to occur.

The systems currently being developed allow cars at short range to communicate automatically, with data such as speeds, changes in direction, and other important details being transferred between the cars, with the ultimate goal of reducing collisions and vehicular accidents. Currently undergoing testing in Ann Arbor, Michigan inside 3,000 vehicles, the technology is said by automakers to cost as little as $100 per vehicle to install, both from new and as an after-market option.

The FCC will be voting on the Wi-Fi proposal on February 20th.

Source: Electronista

Department of Energy Mismanaged ‘Smart Grid’ Money According to Report

The Department of Energy mismanaged millions of dollars last year when quickly doling out recovery funds for new “smart grid” projects, according to a new inspector general’s report.

The agency failed to secure proper documentation for reimbursements and allowed some recipients to falter on their cost-share responsibilities when approving 11 projects worth about $12 million, DOE Inspector General Gregory Friedman said in a report released this week.

“We found the department had not always managed the program effectively and efficiently,” Friedman wrote.

DOE has been tasked with disbursing large sums of money for new grid projects under the American Recovery and Reinvestment Act, with the aim of injecting money into the faltering economy.

The agency has distributed about $700 million to support 42 projects demonstrating new energy storage systems and advanced metering, 10 of which were only partially funded, according to the report.

After reviewing 11 smart grid projects, Friedman said, he uncovered about $12.3 million in “questionable spending.”

Specifically, DOE officials failed to provide documentation to show reimbursements were necessary or cost-effective, he said. In one case, the agency reimbursed two recipients based on estimates and not actual costs, resulting in overpayments of almost $10 million, he said. A third recipient received almost $2.4 million without showing the proper documentation, according to the report.

The agency also allowed one recipient to use $28 million worth of proceeds from a federally backed project to meet its cost-share requirement, Friedman said. Recipients cannot under federal law use federal funds or previous contributions to meet cost-share requirements, he said.

In another case, DOE awarded a recipient $14 million for a project that had already received $2 million under the Advanced Research Projects Agency-Energy program for similar work.

“In fact, the recipient, unknown to the department until our audit, had reported the same accomplishments under both awards,” Friedman said.

DOE has already recovered most of the money in question, and the agency agreed with many of Friedman’s findings in the report. But the department also rejected some of his concerns, including the assertion that the department approved $1.7 million for an energy storage project that hadn’t been built yet.

Instead, DOE said it “maintained frequent contact with the recipient and had been continually aware of the project’s progress.”


Source: Governor’s Wind Energy Coalition

FCC Plans to Free Up More Spectrum in Effort to Relieve Congested Wi-Fi Networks

The Federal Communications Commission has proposed a plan to free up more spectrum in the 5GHz range for Wi-Fi purposes. Speaking at an event in Las Vegas today, FCC Chairman Julius Genachowski said that the freed spectrum will relieve the congestion and “traffic jam” that currently constricts Wi-Fi networks. The extra spectrum is currently used by the Department of Defense, and will be shared with government purposes should the proposal be approved. Genachowski did not say how much spectrum the proposal would allocate for Wi-Fi networks, but he did note that it would be a substantial amount. The FCC is due to review the proposal next month.

Source: The Verge

FCC IT Healthcare Fund to Boost Broadband Connections

The Healthcare Connect Fund advances the FCC’s pilot work on broadband and health services with a particular focus on leveraging high-speed connectivity to widen telemedicine networks and boost access to specialists for patients who don’t live near major hospital centers.

The FCC promises that the new fund “will allow thousands of new providers across the country to share in the benefits of connectivity and dramatically cut costs for both hospitals and the Universal Service Fund,” the agency’s omnibus telecom subsidy program.

The agency will begin accepting applications for the fund in late summer.

The Healthcare Connect Fund comes as the latest step in the FCC’s ongoing work in the area of healthcare technology. Just last month, around the same time that it approved the order authorizing the new fund, the FCC began the hiring search for the new position of director of healthcare initiatives.

The FCC says that the new healthcare director will coordinate the FCC’s varied efforts to harness technology to improve care and drive down costs, overseeing the availability of wireless medical devices and working with hospitals and other medical facilities to ensure that they have sufficient broadband connectivity.

The director will also spearhead the FCC’s outreach on healthcare issues with members of the medical and telecommunication industries, as well as the relevant government agencies involved with healthcare technology. Additionally, the individual will work with in-house FCC experts to address a host of technical issues like harnessing spectrum to enable remote testing through the use of wireless devices, and oversee the development of the new Healthcare Connect Fund.

An outgrowth of the FCC’s Rural Healthcare pilot program launched in 2006, the Healthcare Connect Fund aims to simplify the eligibility requirements to ensure that hospitals serving patients in rural areas can secure funding to upgrade their bandwidth to support modern telemedicine applications.

Additionally, by restructuring the terms of the program for healthcare consortia, the FCC projects that the new fund could lower the cost of robust broadband healthcare networks by as much as half. The fund will also channel as much as $50 million over a three-year period to support high-speed broadband service at skilled nursing facilities.

The FCC cites Barton Memorial Hospital in South Lake Tahoe, Calif., as an example of how grant funding has broadened access to specialists. At that hospital, which has received Universal Service funding from the FCC, medical staffers “are using broadband to enable remote examination through a live IP video feed and a relatively inexpensive telemedicine cart.” That way, Barton can offer patients access to outside experts in areas such as cardiology, infectious disease and neurology, areas of practice in which the hospital has no in-house specialists.

The new fund seeks to expand those types of telemedicine offerings, as well as support for the exchange of electronic health records. The FCC says that it will cover 65 percent of the cost of a new broadband deployment or upgrade for successful grant applicants, leaving the remaining 35 percent to the healthcare provider.

The Healthcare Connect Fund will also encourage the development of state and regional consortia comprised of individual healthcare providers that can improve their bargaining position by banding together with other facilities. The FCC says that consortia must be primarily rural in their makeup in order to be eligible for funding.

Other providers eligible for the program include public or not-for-profit hospitals, rural health clinics, community health centers and educational institutions such as medical schools and teaching hospitals.

Via: Network World

Department Of Justice to Use Prosecutorial Powers in State-Sponsored Cyberespionage

The Department of Justice (DOJ) plans to throw its prosecutorial weight behind efforts to stem the growing number of foreign government-sponsored cyberattacks against U.S. companies and government agencies.

The DOJ’s effort marks a shift in combating the national security threat. In the past, the Department of Homeland Security, the Defense Department and the National Security Agency led investigations of state-sponsored cyberespionage.

Now, the DOJ will step up the part it plays by prosecuting government officials and hackers with the Federal Bureau of Investigation providing the police work.

“There is, I guess, a tactical shift when we’re dealing with cyber-threats and national security to examine whether criminal investigations and prosecutions are a viable option in some of these cases,” DOJ spokesman Dean Boyd said on Wednesday. “And I think we’re pursuing that very vigorously with the FBI.”

While acknowledging that arresting perpetrators in some countries would be difficult, the DOJ has been successful in extraditing suspects in other cases, such as terrorism, cyber-hacking that wasn’t state sponsored, and the illegal exportation of weapons and technology from the U.S., Boyd said. For example, a suspect in a country without an extradition treaty with the U.S. is sometimes arrested when visiting another country.

“We do believe that does hold some deterrent value,” Boyd said of the prosecutorial plans. “I don’t believe we’re saying this is the silver bullet, but our whole philosophy is about bringing all tools to the table and we believe this is one potential tool in the government’s toolbox to deal with cyberthreats and national security.”

As part of the latest effort, the DOJ’s National Security Division is creating within U.S. Attorney offices across the nation a new position called the National Security Cybersecurity Specialist. The prosecutor will be specially trained to work with companies that are believed to be victims of state-sponsored cyberattacks.

The U.S. Defense Security Service reported this week that the number of foreign cyber-attacks bent on stealing U.S. technology, intellectual property, trade secrets and classified information rose by 75 percent over fiscal years 2010-11. The FBI reported in July that cyberespionage cost the U.S. $13 billion through the first quarters of the fiscal year, which ended Sept. 30.

While supporting the arrest of cyberspies, experts do not believe the DOJ’s efforts will have an impact on the upward trend in cyberespionage, because of the difficulty in extraditing suspects from a country sponsoring an attack.

Nevertheless, a prosecutorial approach would embarrass nations and government officials, said Darren Hayes, a Pace University professor and an expert in computer forensics and security. Also, if any companies are involved, then the U.S. government could prevent them from doing business in the U.S.

In addition, cases against the worst offenders could be used as a negotiating chip in future talks, Hayes said. The U.S. could also join other nations targeted by the same countries to take punitive actions collectively.

“[The U.S. government] may be able to build up some kind of global alliance to combat some of these attacks,” Hayes said. “It’s not just the U.S. that’s being attacked and intellectual property stolen.”

One area where locating suspects would be difficult is in cyberattacks against industrial control systems (ICS) that run the nation’s critical infrastructure, such as power plants, nuclear facilities and water filtration systems. An attack on an ICS would be much more difficult to trace to the source than the hacking of a corporate or government information system, said Joe Weiss, managing partner of Applied Control Solutions and an expert in ICS security.

First, there is the difficulty in determining whether equipment failure in a facility is due to a cyberattack or an internal mechanical or electrical problem, Weiss said. Secondly, attacks on information systems are usually identified through logs in security-related technology. With ICS, that kind of information is seldom available.

“Trying to get attribution from anything that’s cyber is very, very difficult when it comes to an ICS,” Weiss said.

Via: Network World