Post-TJX: More Cooperation Needed

Security Experts Call for Greater Global Information Sharing
As the final chapter of the TJX data breach draws to a close with the sentencing of the last hacking conspirator, security experts say greater international cooperation is necessary to prevent future incidents.

Damon Patrick Toey was sentenced on April 15 to five years in prison for helping Albert Gonzalez hack into TJX Co. and other major retailers. Gonzalez was sentenced in March to a 20-year prison term for the TJX hack, and subsequently given a concurrent 20-year term for his role in the Heartland Payment Systems breach.

The Toey and Gonzalez convictions show the power of international law enforcement cooperation, but security experts say more needs to be done to bolster information sharing among global agencies.

Even countries that aren't "friendly" to extradition and information sharing should be forced to help these kinds of investigations, says David Shackleford, an information security expert and Risk & Compliance Director at Sword & Shield Enterprise Security, Inc in Atlanta, GA. "I'd love to see some international regulation that requires agreement to cooperate in order to have Internet access rights."

Last Chapter of TJX
Prosecutors pushed for a six-year sentence. From 2003 to 2006, Toey's principal role was to sell stolen credit and debit cards and use them to make fraudulent withdrawals at ATMs, say prosecutors. Toey was paid $80,000 by Gonzalez in 2007 to help him with Internet-based attacks against major companies.

Toey provided critical information about Gonzalez and two other Russian hackers and their break-in at Heartland Payment Systems. In addition to Toey and Gonzalez, four other members of the hacking ring have already been sentenced in the past few months.

Next Story: Cooperation?
As a result of the TJX and other investigations, many solid cross-border relationships have been built between governments and the corporations that have helped bridge them. "All of them see criminal hacking as a global threat," says Robert Siciliano, a Boston-based identity theft expert and author. "They are protecting their self interests by working together. Nobody wants their bank account evaporated into thin air."

But better international cooperation is needed to avert future incidents, say Siciliano and other experts.

What it boils down to, says Bill Taylor, a former criminal prosecutor of cyber criminals, is a problem of resources and capabilities. Governments and law enforcement authorities are increasingly sophisticated at investigating and prosecuting these crimes, but they are outnumbered and battling criminals who don't need sophisticated equipment to perpetrate their crimes.

"More importantly, law enforcement and information security professionals are constantly responding to evolving threats," Taylor says. "There is a whole new generation of computer-savvy law enforcement officers and agents coming into its own, but they are playing catch-up."

International cooperation is essential to addressing the problem, as the Internet knows no political or administrative boundaries. "Jurisdictional ideas [are] based on sovereign authority limited by geographical boundaries," Taylor says. "And legal systems designed more to protect that sovereignty than to capture criminals who commit crimes internationally are obsolete and dangerous."

About the Author

Linda McGlasson

Managing Editor

Linda McGlasson is a seasoned writer and editor with 20 years of experience in writing for corporations, business publications and newspapers. She has worked in the Financial Services industry for more than 12 years. Most recently Linda headed information security awareness and training and the Computer Incident Response Team for Securities Industry Automation Corporation (SIAC), a subsidiary of the NYSE Group (NYX). As part of her role she developed infosec policy, developed new awareness testing and led the company's incident response team. In the last two years she's been involved with the Financial Services Information Sharing Analysis Center (FS-ISAC), editing its quarterly member newsletter and identifying speakers for member meetings.
