Issues

Government Authentication
Personal Identity
Federal Standards
Governance
R&D
Resources
Legislation and Policy
Liability
Power Grid
Procurement


Library

o Government Authentication Library
o Personal Identity Library
o Federal Standards Library
o Governance Library
o R&D Library
o Resources Library
o Legislation and Policy Library

CRE Interventions
  Agency Administrative Actions
  Rulemaking
  Litigation

 ICANNfocus Archives

 

Computer Crime More Profitable Than Drug Trafficking
An article published by the American Academy for the Advancement of Sciences (AAAS) notes that "According to the electronic security adviser to the U.S. Treasury Department, last year profits from global computer crimes exceeded the profits from drug trafficking for the first time ever."

Thus, it is not surprising that Government Executive reported that "nearly 50 percent...of new IT funding proposed by Bush would go to DHS." A report quoted by the magazine also noted that of $64.3 billion that the Administration is requesting for FY 2007, "$5.2 billion has been allotted to cybersecurity."

However, effective cybersecurity requires far more than just spending lots of money, it requires great care in the development and selection of cybersecurity products on which the money is spent. The AAAS article, which profiled a cybersecurity expert at the University of California, Berkeley, quoted the professor as explaining that "Much of the software we use is some of the most complex manmade things that have ever been produced. When you have that level of complexity, people make mistakes."

Furthermore, the article noted that "software isn't forgiving of human error. Just one bug in a single line of code can permit an attack that can crash a network and possibly expose private information or do harm in some other way."

There is no question that the government needs to continue investing substantial resources in cybersecurity. However, significant spending is a necessary but not sufficient condition for securing the federal network. The government needs to ensure that the cybersecurity products and services it purchases are themselves secure.

  • Click for AAAS article
  • Click for Government Executive article

  • Copyright 2005 The Center for Regulatory Effectiveness.
    All rights reserved.