They catch cyber criminals
Source: The Morning Call
By Sam Kennedy
Date: November 03, 2003
InfraGard system helps Air Products get quick FBI help with hacker
When Air Products and Chemicals realized that an outsider was hacking into its computer system, the Trexlertown company knew exactly what to do.
As a member of InfraGard, an alliance between private industry and the federal government in the fight against cyber crime, Air Products was able to place a call directly to an FBI agent who specializes in computer forensics. The FBI arrived on scene within an hour and a half and quickly gathered the material necessary to subpoena the suspect, who turned out to be a former employee.
''If you're under attack, you can't wait,'' said Lance Hawk, a security analyst for the company. ''It wasn't serious because it was stopped early — and that's the whole point.''
Created by presidential order in 1996, InfraGard was conceived as a way to enlist the private sector's help in safeguarding the nation's critical infrastructures, especially the computer communications that serve as the underpinning of almost all enterprise today.
After five years of slow but steady growth, InfraGard has expanded rapidly since Sept. 11, 2001. Today, the program consists of 10,000 members representing several thousand companies, colleges and other organizations.
Air Products belongs to InfraGard's Philadelphia chapter — one of 80 chapters throughout the country. Now a firm believer in the program, the company hosted a forum on Wednesday to recruit new members from Lehigh Valley. About 50 people attended the event, which included presentations from the FBI and the U.S. Attorney's office.
Cyber crime threatens just about everything that runs on computer networks, from individual businesses to entire financial markets, said Patrick Meehan, U.S. Attorney for Pennsylvania's Eastern District. Unlike other crimes, it can be perpetrated from afar by anyone with a computer and an Internet connection, he said.
''We're talking about the global reach of our communications infrastructure,'' he said.
American businesses, in particular, face an array of risks. A flyer distributed by the FBI read: ''Hackers can be curiosity seekers, disgruntled employees or former employees, commercial competitors, criminals, terrorists or nations that view economic espionage as a legitimate tool of international competition.''
InfraGard, speakers said, helps its members protect themselves in two main ways:
First, the program enables government and businesses to share the latest intelligence about potential threats and the proper responses to them. If one company is attacked, for example, it can quickly dispatch warnings to others in the network.
''We need each other to get through this,'' said Keith Morales, president of the Philadelphia InfraGard chapter.
Secondly, it helps the FBI and other law enforcement agencies work with businesses to catch cyber criminals. Twice since joining InfraGard, the FBI and Air Products have joined forces to identify hackers who targeted the company's computer system, security analyst Hawk said.
Both instances led to criminal charges against the perpetrators, he said.
Such collaboration is so critical because, without it, the FBI can't begin to build cases against cyber criminals, explained FBI agent John Cheeson. For other crimes, say murder, the FBI can gather physical evidence, such as a bullet fragment. But when a hacker breaks into a company's computer system, often the only proof is the system's own internal logs.
And those logs might be inaccessible or indecipherable without the cooperation of the company, Cheeson said.
Yet one of the biggest challenges of InfraGard is the inherent reluctance of companies to report cyber crime in the first place, speakers said.
Many companies are embarrassed to admit they've been victimized by a hacker. They might be leery of the publicity that could accompany a criminal investigation. They might also be afraid of being forced to reveal valuable proprietary information during a trial.
Such fears are unfounded, assured Richard Goldberg, a federal prosecutor based in Philadelphia. The privacy of companies that have been victimized is the top priority of the U.S. Attorney's office, he said.
Goldberg offered his personal guarantee than he would never ask a company to reveal its corporate secrets. He said he would rather dismiss a case.
''We know how to do this,'' he said. ''If we can catch the bad guy and keep the victim intact, we've done our job.''
^macro[showdigestcomments;^uri;They catch cyber criminals]