Wednesday, August 09, 2006

FBI calls for hacker help


LAS VEGAS--The FBI needs help from hackers to fight cybercrime, an agency official said Wednesday.

"We need your expertise and input as we develop strategies to battle cybercrime in the 21st century," Daniel Larkin, a unit chief in the FBI's cybercrime division, said in his opening address at the annual Black Hat security conference here.

As cybercrime has continued to become more sophisticated and organized, federal agencies have increasingly sought to partner with the private sector. Earlier this year, FBI Director Robert Mueller used the RSA Conference to send out a similar message.

"The people we're going after are not just the script kiddies anymore. These people are making a lot of money," Larkin told the Black Hat audience of hackers and security professionals. "I am a recovering technophobe; I used to be really afraid of you all. But I realize that you all are really important."

Black Hat draws an increasing number of attendees from law enforcement agencies. This year, Larkin estimated, one in 10 attendees might represent federal agencies, he said. "Be nice to them. They are here to help you; they are here to team up," he said.

Although the government is trying to be nimble, others might know about potential threats before federal agents do, he said. "Critical information on terrorism and cybercrimes could be in your hands and might be in your hands before they reach ours," he said.

The FBI's call for help confirms that it is not equipped to deal with cybercrime, said Tom Thomas, a security consultant from California who is attending Black Hat.

"It is not reassuring," Thomas said. "It confirms what we already suspect. There is great technical inadequacy, if not downright ineptness, at the FBI. Therefore they are, perhaps desperately, seeking help from almost anyone."

To make cooperating with law enforcement worthwhile, the FBI is offering to share information in exchange for help. The FBI has been criticized in the past for going completely silent after a report was filed. "We realize that we need to give back information," Larkin said.

As examples of information sharing, Larkin said that the FBI is working on identity theft with Internet service providers and with merchants on shipping fraud. That way, all players get a better picture of the actual threat, and the FBI can cross-reference data and build better case data, he said.