Nations Should Share Educational Knowledge On Information Security To Bolster National Security

By Author: EC-COUNCIL
Total Articles: 68
Comment this article

Cybercrime is very lucrative business that covers a whole range of illegal activities. Nations around the world should cooperate more with each other on cross-border investigations of cybercrime to bolster national security and protect consumers from these illegal activities including identity theft.
The US government says their systems are under constant attack from criminals, whose methods are improving faster than they can be counteracted. This has led to the planned spending of $13 billion before 2016 in order to increase security against a crime considered to be the highest money-earner for criminals, with over 300,000 attacks on US networks recorded in 2010.
It is unlikely that we can adequately secure the U.S. portion of cyberspace without international engagement,” John Savage, a computer science professor at Brown University in Providence, Rhode Island, said in testimony before the Senate Committee of the Judiciary Subcommittee on Crime and Terrorism.
While cybercriminals operate in a world without borders, the law enforcement community does not, limiting the enforceable penalties on cybercrime, ...
... said Pablo Martinez, a deputy special agent in charge with the Secret Service’s criminal investigation division.
International cooperation was vital in investigating the network intrusion of Heartland Payment Systems Inc., the fifth- largest payments processor in the U.S., where 130 million credit card accounts were compromised two years ago, Martinez said.
Information released by Heartland revealed that the hackers appear to have planted some sort of malware capable of sniffing out payment card data as it moved across the company's network, and then to have spirited it out of Heartland's systems in encrypted data streams.
Heartland's wasn't doing file integrity monitoring on a routine basis, Gartner Inc. analyst AvivahLitan said. That is a Payment Card Industry Data Security Standard (PCI) requirement designed to enable companies to detect unauthorized content in files and directories on servers, as well as changes in or additions to permissions privileges.
As a security measure, Heartland, as a large processor of card transactions, has been required to comply with PCI— a set of security controls mandated by the major credit card companies — for a considerably longer time than retailers have been.
In January, top White House cyber security official Howard Schmidt said he planned a diplomatic effort to win more cooperation on cybercrime issues. Some governments actively engage in cybercrimes or turn a “blind eye” to the practice, similar to nations condoning money-laundering schemes in the 1980s, Schmidt said.
The U.S. plans to urge more nations to sign a 10-year-old treaty called the Cybercrime Convention that calls for cooperation in probing crimes committed via the Internet and other computer networks, Schmidt said in January. These include crimes that deal with infringements of copyright, computer- related fraud, child pornography and violations of network security, according to the treaty website.
The treaty was ratified by 30 countries, including the U.S. and 29 European nations. Signatories including the United Kingdom, Canada and Turkey have yet to ratify the law, according to the treaty website. China and Russia are among nations that have yet to sign the treaty.
Longtime technology industry advocates of the treaty hailed the Senate's action. A lobbying group whose members include Microsoft, Apple Computer, Cisco Systems, IBM and Intel said the treaty "will serve as an important tool in the global fight against cybercriminals and encourage greater cooperation among nations."
The software industry, which has been lobbying for years for action on the treaty, has found it contains much to cheer about, including a requirement that nations enact criminal penalties for copyright infringers. The ratification marks "an important milestone in the fight against international cybercrime," said Paul Kurtz, executive director of the Cyber Security Industry Alliance, which counts Juniper Networks, McAfee, RSA Security and Symantec among its member companies.
Nations will now have to protect their networks from increasing targeted attacks by having their information security professionals to undergo technical security training programs. EC-Council’s brand new TakeDownCon is a technical information security conference series, in addition to learning from some of the best security experts, TakeDownCon also offers highly sought after technical training courses, including the Certified Ethical Hacker (CEH) course, often touted as the world’s most comprehensive ethical hacking training program.
The CEH Program certifies individuals in the specific network security discipline of Ethical Hacking from a vendor-neutral perspective. The Certified Ethical Hacker certification will fortify the application knowledge of security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure. A Certified Ethical Hacker is a skilled professional who understands and knows how to look for the weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker.

ABOUT EC-COUNCIL
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and security skills. It is the owner and developer of the world famous ethical hacking training, the Certified Ethical Hacker (CEH) course, Computer Hacking Forensics Investigator (CHFI) program, License Penetration Tester (LPT) program and various other technical security training programs offered in over 70 countries around the globe. EC-Council has trained over 80,000 individuals and certified more than 38,000 security professionals. These certifications are recognized worldwide and have received endorsements from various government agencies including the US federal government, National Security Agency (NSA), Committee and National Security Systems (CNSS), US Army, FBI, Microsoft and CERTs (Computer Emergency Response Team) of various nations. TakeDownCon Dallas 2011, is one of the conferences of EC-Council’s Take Down information security conference series.