Security experts and associations are working with individual governments and industries to harmonise international cybercrime laws.
In the wake of the Code Red threat, which exploited vulnerable Microsoft servers, Howard Schmidt, chief securityofficer of Microsoft, announced the launch for two new security products at Microsoft TechEd 2001 in Melbourne today.
Computer forensics expert and international president of the Information Systems Security Association (ISSA), Schmidtis in Australia to meet with government and industry leaders in Canberra to discuss a way to coordinate cybercrime lawsand prevent the emergence of cybercrime havens.
"Technology solutions and public policy must complement each other to respond to the challenges of cybercrime," Schmidtsaid.
Security, privacy and availability are necessary to building a trusted computing environment, he said.
Australian Police Forces are at the forefront worldwide in battling cybercrime and in computer forensics, Schmidt said,and were doing a lot of early investigation into computer crime back in the 80s. The concern is that technology ischanging faster than the police forces of the world can keep up with it.
Schmidt is also president of the Information Technology, Information Sharing and Analysis Centre (IT-ISAC) a private, nonprofit body funded by the world's leading IT companies, which seeks to protect members from network attacks.
Amongst the initiatives Schmidt and IT-ISAC are working towards are improved training for law enforcement personnel,technology-neutral laws that do not impose technical requirements onto industry to promote innovation, laws to promoteencryption, and harsher penalties.
Schmidt likened the typical network system to a candy with a hard outer shell and a vulnerable centre. He said agrowing concern is the increase in attacks on the home user. After not having any success in the attacking the enterprise directly, he said, hackers are now aiming at the home office and the user who does work after hours for the company at home.
Microsoft today at TechEd 2001 launched two new security tools designed to help enterprise system administrators andhome users keep their systems up to date and protected.
HFNetChk, an enterprise solution, is a command-line tool that enables a system administrator to check the patch statusof all the machines in a network from one central location.
Microsoft Personal Security Advisor (MPSA), for the home and small business user, is a Web application that helps to secure Windows NT 4.0 and Windows 2000 computer systems. Users can visit the MPSA site and press scan now to receive areport on computer's security settings and patch recommendations.