Cameras
Camcorders
Cell Phones
Components
Desktops
HDTV
Home Theater
GPS
Laptops
Monitors
MP3 Players
Networking &
Printers
Storage
WASHINGTON--U.S. businesses need to protect trade secrets because national security is tied closely to economic security, but on the other hand, encryption might help criminals hide their secrets, a former FBI director says.
The government can't crack some sophisticated encryption technology, which puts investigators of terrorism threats at a disadvantage, former FBI director Louis Freeh told a gathering of cybersecurity experts Monday. He spoke at the Computer Security Conference and Exhibition here.
Balancing Rights, Security
British lawmakers in 2000 passed a measure allowing law enforcement agents to get warrants requiring encryption vendors to share their keys. But U.S. investigators must rely on vendors' voluntary cooperation, which can slow the process, Freeh said.
"The ability to get real-time information from encrypted channels is going to be a huge problem in terms of homeland security and national security," said Freeh, who was FBI director from 1993 to 2001. "In a way, it runs a little bit counter to the interests of corporate America in terms of protecting its information."
Freeh didn't go so far as advocating that Congress take action similar to that of the U.K., but he said an "intricate" balance between domestic security and the rights of commerce and free speech is still being worked out. Judges offer strong protections to U.S. residents to keep law enforcement from overstepping its bounds when pursuing information on suspects, Freeh said during a question-and-answer session, when asked about what is being done to protect people.
While raising questions about encryption, Freeh encouraged private companies to protect their data and trade secrets. The Economic Espionage Act, passed by Congress in 1996, established ways to prosecute cases in which foreign governments use their spy agencies to steal trade secrets from private U.S. companies. But companies also need to help investigators who are tracking trade-secret thefts and other computer-related crimes, he said.
Cooperation Urged
The latest computer crime survey, released by the FBI and the Computer Security Institute in May, finds that only about 30 percent of hacking incidents are reported to law enforcement, Freeh said. Companies may not want to report the loss of trade secrets for a variety of reasons: They want to avoid alarming stockholders and tipping off competitors, but reporting more such incidents would help investigators track down criminals attacking the U.S., he said.
"Many people believe, as I do, that homeland security begins with economic security," he said. "If you subscribe to the notion that economic security does reflect directly on national security, you can't really have a successful and viable homeland security program unless the reporting percentile...increases significantly."
Freeh cited identity theft as another computer security issue for companies but said that one of the biggest challenges is for law enforcement agents to have real-time access to data on suspects. A police officer needs to know as much as possible about the person in the car the officer just pulled over, Freeh said. Private industry can help law enforcement agencies with the technology necessary to download data on suspects in real time.
That kind of instant information "could be the difference between stopping a major attack or not," Freeh said. "[The technology] is as likely to come from you in the private sector as from a government program."
