FBI cybercrime fighter lauds CAN SPAM, international efforts
- — 12 September, 2007 09:00
While fighting cybercrime has become a bigger problem for law enforcement over the past 10 years, given increased involvement from organized-crime groups, officials are seeing some results from recent legislation and international coordination efforts.
Although the CAN SPAM Act has garnered criticism for not having enough teeth since it was passed in 2003, federal law enforcement is finding it effective in fighting spam of late, says Thomas Grasso, supervisory special agent with the FBI's National Cyber-Forensics and Training Alliance, who spoke at the Security Standard conference in Chicago on Monday.
"It's a relatively new law that hasn't really been tested, but in the last year we've had a number of major" cases come up against it, he says. "CAN SPAM is turning out to be a very effective tool for us."
There are a variety of other laws that federal officials also rely upon to catch cybercriminals, he adds. "Our approach is we will use whatever legal tools we can to get these guys."
One of the major challenges to U.S. law enforcement is the fact that so many cybercriminals operate overseas. But Grasso says there have been developments in international coordination as well.
"There's a lot that's changed over the last 10 years," he says. "It used to be if you trace an IP address back to Romania, you're not going to get somewhere with it. That's changed; we now have task forces working with these people overseas, and Eastern European police forces are aggressively going after this, because the problem is starting to affect them, too."
Beyond the perimeter
When asked how enterprises should protect themselves in this era of high-end cyberattacks, Grasso says it's about more than just protecting the perimeter.
"It's no longer about attacking the perimeter; cybercriminals are getting through the firewall and they're deploying malicious code inside networks," he says. "You need security solutions to be more comprehensive; you need to shore up the perimeter, but you need to worry about what's going on inside the network, too."