4 August 2000
Source: http://usinfo.state.gov/cgi-bin/washfile/display.pl?p=/products/washfile/topic/global&f=00072803.ggi&t=/products/washfile/newsitem.shtml

US Department of State
International Information Programs

Washington File

28 July 2000

Congressional Testimony on Cybercrime Strategies

(Government, business expand defenses against Internet crime) (5140)

Computer virus attacks have infected global networks several times
over the last several months, and U.S. government officials were on
Capitol Hill July 26 to explain their expanding strategies to detect,
investigate and prevent cyberattacks.

"The electronic frontier has no bounds," Edgar Adamson, chief of the
U.S. National Central Bureau for INTERPOL, told members of the House
of Representatives Subcommittee on Government Management, Information,
and Technology. Law enforcement must "overcome the very real cultural,
linguistic, legal and digital barriers that complicate the positive
exchange of criminal investigative information across national
administrations and sovereign boundaries," he added.

Adamson said INTERPOL has become an important coordinator of
international law enforcement in the communications arena, and is now
working with a variety of other organizations to survey national laws
on the subject. "Their aim is to ultimately develop international
standards and best practice measures in the area of cyber crime."

Michael Vatis, director of the National Infrastructure Protection
Center within the Federal Bureau of Investigation, also appeared
before the committee. He cited a study that estimated cybercrime costs
the global economy $1,600,000 million. "It is vital that we work
effectively across borders in concert with out international
partners," he said.

Vatis outlined the responsibilities borne by various government
agencies in this area of criminal activity. He explained how the FBI
and other agencies are working with business to counter the cyber

(begin Adamson text)


of Edgar A. Adamson, Chief
U.S. National Central Bureau -- INTERPOL

before a hearing of the

House Subcommittee on Government Management,
Information, and Technology

July 26, 2000

"Cyber Crime -- Computer Security"

Mr. Chairman and Members of the Subcommittee:

Thank you for providing me this opportunity to participate in today's
Subcommittee hearing on computer security issues. I am currently
assigned to the position of Chief of the United States National
Central Bureau (USNCB) for INTERPOL, and possess thirty years of law
enforcement experience as a Special Agent of the U.S. Customs Service.
The USNCB is a component of the Department of Justice, with
representatives from 16 U.S. federal law enforcement agencies,
including both the Department of Justice and the Department of

As the Members are well aware, the 'Information Revolution' has
changed the world -- providing unparalleled growth for our economy,
and forever transforming the way we think about and use information.
Our dependence on these new sources and methods grows daily -- and at
least some part of nearly every interaction we undertake now occurs
within this 'virtual' world. Of course, this widespread dependence
increases our vulnerability to criminal activity. The ease with which
criminals can access the means necessary to commit cyber crimes, the
multiple jurisdictions in which these crimes are committed, and the
seemingly risk-free environment for the cyber crime perpetrator, are
all factors that point to a possible increase in this type of crime in
the near future.

Cyber crime is truly international in character, as the electronic
frontier has no bounds. It demonstrates that the need for
international law enforcement cooperation has never been greater. To
respond effectively, U.S. law enforcement authorities must be able to
overcome the very real cultural, linguistic, legal and digital
barriers that complicate the positive exchange of criminal
investigative information across national administrations and
sovereign boundaries. The International Criminal Police Organization,
INTERPOL, exists to facilitate this critical exchange among its 178
Member Countries, and provides the necessary framework, rules of
police cooperation, and essential tools and services that promote the
adoption and use of international standards, foster best practices,
and permit investigative results.

INTERPOL recognizes the severity of the cyber crime challenge and is
committed to achieving effective computer security and 'cyber
enforcement' through the development and delivery of operational
programs and training, the establishment of international standards,
and the promotion of best practices worldwide. INTERPOL is in a unique
position to facilitate timely and reliable notification concerning
intrusion attempts, and information on the spread of computer viruses,
through its worldwide communications network. . . .

INTERPOL is the only global police organization. It is an
intergovernmental alliance formed by 178 member countries for the
purpose of exchanging criminal police, information to combat ordinary
law crimes and to support the U.N. Declaration of Human Rights.
INTERPOL is recognized by, and cooperates with, other leading
international organizations including the United Nations, the World
Customs Organization, the Council of Europe and the Organization of
American States. The Organization works closely with the G-8, and with
many non-governmental and private organizations with mutual interests
in law enforcement issues and crime prevention. . . .

All 18,000+ U.S. law enforcement agencies -- federal, state and local
-- may rely upon INTERPOL and the USNCB, to obtain needed intelligence
and investigative assistance on computer security, and on all the
variant flavors of cyber crime.

The INTERPOL Organization, and the USNCB, are involved daily in
responding to requests for criminal investigative assistance on
computer crime -- traditional crime facilitated by information
technology -- such as child pornography, pedophilia, identity theft,
and credit card fraud. And although its officers are not operational
per se, INTERPOL is prepared to assist in the investigation of crimes
against systems and networks, such as web site attacks and the
malicious spread of viruses, and to help to sift through the thorny
issues of jurisdiction and venue.

INTERPOL has taken an important role in coordinating worldwide law
enforcement efforts in the area of IT Crime. Since 1990, the
Organization has convened field experts for the purpose of sharing
criminal investigative information, and developing international
standards, best practice and training modules for the international
law enforcement community.

There are currently four regional 'INTERPOL Working Parties on IT
Crime' that meet regularly to deal with cyber crime issues. These fora
provide unique opportunities for intelligence sharing and networking
for experts in this rapidly advancing field. Recently, INTERPOL's
'European Working Party on IT Crime' developed and implemented a
24-hour early warning system that has been endorsed by the G8
Sub-Group on High Tech Crime.

INTERPOL collaborates closely with a number of organizations, academic
and other, involved in projects to collate and evaluate national
legislation on computer crime. Their aim is to ultimately develop
international standards and best practice measures in the area of
cyber crime. One example of this is INTERPOL's work with the Council
of Europe to develop a draft convention on cyber crime. Provisionally
entitled "Draft Convention on Cyber-Crime", this Council of Europe
text will be the first international treaty to address criminal law
and procedural aspects of various types of offending behavior directed
against computer systems, networks or data, as well as other similar
abuses. This text aims to harmonize national legislation in the field,
facilitate investigations and allow efficient levels of co-operation
between the authorities of different States. The text should be
finalized by a group of experts by December 2000 and the Committee of
Ministers could adopt the text and open it for signature as early as
Autumn 2001.

INTERPOL is currently finalizing a cooperative agreement discussing
coordination with the G-8 Sub-group on High-Tech Crime, aimed at
preventing duplication and the resulting waste of resources.

INTERPOL works to promote awareness, education and the exchange of
information in the area of cyber crime. In 1999, it revised and
distributed 'Computers and Computer Crime', a computer crime manual of
best practices for the experienced investigator. A handbook on
computer-related crime for the novice investigator has also been
published and distributed to all 178 INTERPOL member countries.
INTERPOL will also shortly make information on IT crime matters
available to law enforcement agencies and the public through its
secure website.

The Organization hosts an annual conference to address IT topics such
as internet investigations, e-commerce, digital evidence, tools and
techniques, hacker profiling, internet legislation, encryption, and
security matters.

INTERPOL also expends significant resources towards competency
building in cyber crime investigation among its 178 Member countries
and at regional levels. Teaming experts from highly advanced nations
with those requiring the basics of investigative and forensic
techniques has proved useful in raising awareness and knowledge among
law enforcement throughout the world and ensuring that law enforcement
entities can work together in this inherently international crime

Given the fast pace of cyber technology and the far-reaching effects
of its criminal misuse, INTERPOL recognizes the need to cooperate
efficiently and effectively with other international organizations and
academic institutions with an interest in the field. It has,
therefore, forged strong partnerships with bodies such as the G8
Sub-group on High Tech Crime, the International Chamber of Commerce
(ICC), the Council of Europe, the United Nations Asia Institute for
the Prevention of Crime and the Treatment of Offenders (UNAFEI), as
well as several academic institutions. This close collaboration helps
to predict and prevent incidences of cyber crime by ensuring that
timely information is shared and that existing resources are

INTERPOL membership and participation increases the likelihood of
detection, timely notice and proper law enforcement response to cyber
intrusions. It also permits access to a 24-hour network of national
experts in over forty countries, in a secure and confidential manner.
Our ability to deal effectively and efficiently with cyber crime can
be enhanced through competency building for less experienced
enforcement agencies worldwide, and through continued coordination and
cooperation among U.S. law enforcement agencies dealing with the
various aspects of this emerging crime area.

(end Adamson text)

(begin Vatis text) Michael A. Vatis Director, National Infrastructure Protection Center Federal Bureau of Investigation before a hearing of the Subcommittee on Government Management, Information, and Technology July 26, 2000 Computer Security: Cyber Attacks - War without Borders Good morning, Chairman Horn, Congressman Turner, members of the subcommittee, and distinguished guests. I am pleased to testify before this subcommittee today on our international response to cyber attacks and computer crime in general. . . . A recently released study estimates that computer viruses and hacking take a toll of $1.6 trillion on the global economy. This figure dwarfs the gross national product of most of the world's nations. Given the global nature of the computer crime problem and the fact that many of our investigations in the U.S. have an international nexus, it is vital that we work effectively across borders in concert with our international partners. I believe this hearing will contribute to that effort and highlight the extensive endeavors we have already made in the international arena. Protecting the Nation's critical infrastructures and combating computer intrusions is by necessity a cooperative effort. National governments must work within themselves, across agencies; with regional and local law enforcement; with private industry; and with foreign governments to combat the problem. If cooperation is lacking in any one of these areas, the whole effort will fall short. Yet if cooperation is effective across all of these areas, then we can gain the upper hand against cyber criminals around the world and ensure that the Internet is a safe place for electronic commerce and communication. Cooperative Structures in the United States The U.S. government approach to protecting the nation's critical infrastructures is outlined in Presidential Decision Directive (PDD) 63, issued in May 1998. That Directive forms a series of cooperative arrangements. In particular, PDD-63 categorizes our infrastructures into several sectors and designates federal "Lead Agencies," which are responsible for working cooperatively with private industry from each sector to develop mechanisms and plans for securing that sector against cyber attacks and for recovering should an attack occur. The PDD also gives a significant coordinating role for operational matters to the National Infrastructure Protection Center (NIPC), which I head. The PDD places the NIPC at the core of the government's warning, investigation, and response system for threats to, or attacks on, the nation's critical infrastructures. The NIPC is the focal point for gathering information on threats to the infrastructures as well as "facilitating and coordinating the Federal Government's response to an incident." The PDD further specifies that the NIPC should include "elements responsible for warning, analysis, computer investigation, coordinating emergency response, training, outreach, and development and application of technical tools." The NIPC has a vital role in collecting and disseminating information from all relevant sources. The PDD directs the NIPC to "sanitize law enforcement and intelligence information for inclusion into analyses and reports that it will provide, in appropriate form, to relevant federal, state, and local agencies; the relevant owners and operators of critical infrastructures; and to any private sector information sharing and analysis entity." The NIPC is also charged with issuing "attack warnings or alerts" to the owners and operators of critical infrastructures in the private sector. In order to perform its role, the NIPC has established, and is continuing to expand, a network of cooperative relationships with a wide range of entities in both the government and the private sector. First, the Center, while located at the FBI, is interagency in its composition, bringing together representatives from the law enforcement, defense, and intelligence communities, as well as from many of the lead agencies specified in the PDD. The Center currently has representatives from the following federal entities: Navy, Air Force, Army, Air Force Office of Special Investigations, Naval Criminal Investigative Service, Defense Security Service, National Security Agency, United States Postal Service, Federal Aviation Administration, General Services Administration, Central Intelligence Agency, Critical Infrastructure Assurance Office, and Sandia National Laboratory. In addition, the Center has had state law enforcement officials detailed on a rotating basis. So far we have had representatives from the Oregon State Police and the Tuscaloosa County (Alabama) Sheriff's Department. We also have international liaison officials who work with the Center. This interagency composition facilitates the NIPC's ability to share pertinent information among agencies and to coordinate agencies' activities in the event of an attack. Second, pursuant to the PDD, the NIPC has electronic links to the rest of the government in order to facilitate the sharing of information and the issuance of warnings. Third, the PDD directs all executive departments and agencies to "share with the NIPC information about threats and warning of attacks and actual attacks on critical government and private sector infrastructures, to the extent permitted by law." Fourth, to bolster our technical capabilities the Center selectively employs private sector contractors. By bringing other agencies directly into the Center and building direct communication linkages to government agencies and the private sector, the Center provides a means of coordinating the government's cyber expertise and ensuring full sharing of information, consistent with applicable laws and regulations. In addition, in its role under Presidential Decision Directive (PDD) 63 as the lead agency for the "Emergency Law Enforcement Sector" (ELES), the NIPC has been working with state and local law enforcement to develop a plan to protect that sector from cyber attack and reduce its vulnerabilities. As part of that effort, the NIPC's alerts and warnings are regularly sent to state and local law enforcement agencies via the National Law Enforcement Telecommunications System (NLETS) and through NIPC e-mail via the Law Enforcement Online system. Sharing with state and local law enforcement is critical because they are often the first responders when an incident occurs. To fulfill its mandate under PDD-63, the NIPC's goal is to develop a comprehensive "indications and warning" system that will be capable of timely collection of indicators of an imminent or ongoing cyber attack, analysis of the information, and the timely issuance of alerts and warnings. This will require additional resources, both personnel and equipment. It will also require participation by the Intelligence Community; the Department of Defense; the sector "Lead Agencies"; other government agencies; federal, state and local law enforcement; and the private sector owners and operators of the infrastructures. As I will discuss further in a moment, the NIPC is currently working with industry to develop a methodology and system for detecting and warning of attacks on the national telecommunications and electric power sectors. These will provide a model for possible systems for the other sectors. . . . To facilitate our ability to investigate and respond to attacks, the FBI has created the National Infrastructure Protection and Computer Intrusion (NIPCI) Program in the 56 FBI Field Offices across the country. We currently have 193 agents nationwide dedicated to investigating computer intrusion, denial of service, and virus cases (less than 2% of all FBI agents nationwide). In order to leverage these resources most efficiently, we have taken the approach of creating 16 regional squads that have sufficient size to work complex intrusion cases and to assist those field offices without a full NIPCI squad. In those field offices without squads, the FBI has established a baseline capability by having at least one or two agents to work NIPCI matters, i.e. computer intrusions (criminal and national security), viruses, the InfraGard and Key Asset Initiatives, and state and local liaison. In addressing cyber incidents, the NIPC and the 56 FBI field offices work cooperatively with their federal, state and local law enforcement partners and with the private sector. For example, in the Melissa Macro Virus investigation, the NIPC issued public warnings that helped alert the public, government agencies, and private industry to the virus and stem the damage to computer networks. In addition, the FBI's Newark office worked closely with the New Jersey State Police, the New Jersey Attorney General's Office, and the U.S. Attorney's Office in New Jersey in the investigation, arrest, and prosecution of David L. Smith. The NIPC supported the overall investigation which spanned the nation. In other cases where there is concurrent jurisdiction, the FBI and other agencies often work cases jointly. For example, the FBI and the U.S. Secret Service worked together on a series of hacks into the White House Homepage. Eric Burns, a.k.a Zyklon, hacked into the White House web site as well as other sites. He was caught and pled guilty to one count of 18 U.S.C.1030. In November 1999 he was sentenced to 15 months in prison, 3 years supervised release, and ordered to pay $36,240 in restitution and a $100 fine. While I cannot discuss it in open hearings, the NIPC also works closely with other agencies in foreign counter intelligence investigations involving cyber attacks. Government-Industry Cooperation As I noted earlier, however, it is critical for the government not just to work cooperatively within itself, but also with the private sector. The NIPC is engaged in several initiatives to work cooperatively with the private sector, principally in the area of information sharing. First, the NIPC, in conjunction with the private sector, has developed an initiative call "InfraGard" to expand direct contacts with the private sector infrastructure owners and operators and to share information about cyber intrusions, exploited vulnerabilities, and infrastructure threats. The initiative encourages and facilitates the exchange of information by government and private sector members through the formation of local InfraGard chapters within the jurisdiction of each FBI Field Office. Chapter membership includes representatives from the FBI, private industry, other government agencies, state and local law enforcement, and the academic community. The critical component of InfraGard is the ability of industry to provide information on intrusions to the NIPC and to the local FBI Field Office, using secure communications, in both a "sanitized" and detailed format. The local FBI Field Offices can, if appropriate, use the detailed version to initiate an investigation; the NIPC, in turn, can analyze that information in conjunction with other law enforcement, intelligence, and industry information to determine if the intrusion is part of a broader attack on numerous sites. The Center can simultaneously use the sanitized version to inform other members of the threat and the techniques used, without compromising the confidentiality of the reporting company. The secure website also contains a variety of analytic and warning products that we make available to the InfraGard community. We believe InfraGard, once fully implemented, will be a significant step forward in enhancing the ability of the private sector and the government to share information with each other. The government has access to unique sources of information through its intelligence and law enforcement activities. These need to be shared, in appropriately sanitized form, with private sector owners and operators so that they can protect themselves against threats that we become aware of. Conversely, the private sector is often the victim of cyber attacks and threats that are highly relevant to our mission to protect that nation's critical infrastructures from attack. Only by bringing these governmental and private sources of information together can we get a sense of the full picture of threats and incidents, draw linkages, and engage in effective "indications and warning" regarding cyber attacks. In contrast to efforts to share information solely within one industry sector, InfraGard provides a vehicle for sharing information across sectors and between the government and industry generally. A second effort involving cooperation with the private sector is the Key Asset Initiative (KAI). A key asset can be defined as an organization, system, group of organizations or systems, or physical plant, the loss of which would have widespread and dire economic or social impact on a national, regional, or local basis. The KAI initially involves determining which assets are "key" within the jurisdiction of each FBI Field Office and obtaining 24-hour points of contact at each asset in case of an emergency. . . . Another initiative is a pilot program we have developed with the North American Electrical Reliability Council (NERC) to develop an "Indications and Warning" System for physical and cyber attacks. Under the pilot program, electric utility companies and other power entities transmit incident reports to the NIPC. These reports are analyzed and assessed to determine whether an NIPC alert, advisory, or assessment is warranted to the electric utility community. Electric power participants in the pilot program have stated that the information and analysis provided by the NIPC back to the power companies make this program especially worthwhile. . . . NIPC and International Cooperation Most pertinent to this hearing is the issue of cooperation across national borders. A typical cyber investigation can involve victim sites in multiple states and often many countries, and can require tracing an evidentiary trail that crosses numerous state and international boundaries. Even intrusions into U.S. systems by a perpetrator operating within the U.S. often require international investigative activity because the attack is routed through Internet Service Providers and computer networks located outside the United States. When evidence is located within the United States, we can subpoena records, conduct electronic surveillance, execute search warrants, seize evidence, and examine it. We can do none of those things ourselves overseas to solve a U.S. criminal case. Instead, we must depend on the local authorities to assist us. This means that effective international cooperation is essential to our ability to investigate cyber crime. International investigations pose special problems. First, while the situation has improved markedly in recent years, many countries lack substantive laws that specifically criminalize computer crimes. This means that those countries often lack the authority not only to investigate or prosecute computer crimes that occur within their borders, but also to assist us when evidence might be located in those countries. Moreover, the quickly evolving technological aspects of these investigations can exceed the capabilities of local police forces in some countries. Finally, even when countries have the requisite laws and have developed the technical expertise necessary to conduct cyber investigations, successful investigation in this arena requires more expeditious response than has traditionally been the case in international matters, because electronic evidence is fleeting and, if not secured quickly, can be lost forever. NIPC International Outreach The NIPC is working with its international partners on several fronts to address the issues outlined above. The first area consists of outreach activities designed to raise awareness about the cyber threat, encourage countries to address the threat through substantive legislation, and provide advice on how to organize to deal with the threat most effectively. Almost weekly the NIPC hosts a foreign delegation to discuss topics ranging from current cases to the establishment of NIPC-like entities in other nations. Since the NIPC was founded, Japan, the United Kingdom, Canada, Germany, and Sweden have formed or are in the process of forming interagency entities like the NIPC. The NIPC has briefed visitors from the United Kingdom, Germany, France, Norway, Canada, Japan, Denmark, Sweden, Israel, and other nations over the past year. In addition, to promote understanding of the NIPC mission, an "open house" for embassy personnel was held in March 2000. . . . The NIPC and International Investigations Since the creation of the NIPC in February 1998, we have seen a significant increase in the number of investigations requiring international cooperation. The NIPC has provided an effective vehicle for coordinating these investigations. I will provide a few examples to demonstrate the issues raised by such investigations and how they have been addressed by the NIPC. One example is the Solar Sunrise case, the code name for a multi-agency investigation of intrusions into more than 500 military, civilian government, and private sector computer systems in the United States during February and March 1998. These intrusions occurred just as the NIPC was being established. The intrusions took place during the build-up of United States military personnel in the Middle East in response to tensions with Iraq over United Nations weapons inspections. The intruders penetrated at least 200 unclassified U.S. military computer systems, including seven Air Force bases and four Navy installations, Department of Energy National Laboratories, NASA sites, and university sites. The timing of the intrusions, and the fact that some activity appeared to come from an ISP in the Middle East, led many U.S. military officials to suspect that this might be an instance of Iraqi information warfare. The NIPC coordinated an extensive interagency investigation involving FBI Field Offices, the Department of Defense, NASA, Defense Information Systems Agency, Air Force Office of Special Investigations, the Department of Justice, and the Intelligence Community. Internationally the NIPC worked closely with the Israeli law enforcement authorities. Within several days, the investigation determined that two juveniles in Cloverdale, California, and individuals in Israel were the perpetrators. This case demonstrated the critical need for an interagency center to coordinate our investigative efforts to determine the source of such intrusions and the need for strong international cooperation. Israeli authorities are preparing to prosecute the chief defendant in their case in the summer of 2000. More recent cases demonstrate how much international cooperation has improved in this area. In February 2000, the NIPC received reports that CNN, Yahoo, Amazon. Com, e-Bay, and other e-commerce sites had been subject to "Distributed Denial of Service" (DDOS) attacks. The NIPC had issued warnings in December 1999 about the possibility of such attacks, and even created and released a tool that victims could use to detect whether their system had been infiltrated by an attacker for use against other systems. When attacks did occur in February, companies cooperated with the NIPC and our National Infrastructure Protection and Computer Intrusion Squads in several FBI field offices (including Los Angeles and Atlanta) and provided critical logs and other information. Within days, the FBI and NIPC had traced some of the attacks to Canada, and subsequently worked with the Royal Canadian Mountain Police to identify the suspect. The Royal Canadian Mounted Police (RCMP) arrested a juvenile subject in April 2000, and charges are expected to be brought shortly for at least some of the attacks. The unprecedented speed and scope of this investigation was evidence of the great improvement made in our ability to conduct large scale, complex international investigations. Another example involves the compromise between January and March 2000 of multiple e-commerce websites in the U.S., Canada, Thailand, Japan and the United Kingdom by a hacker known as "Curador." Curador broke into the sites and apparently stole as many as 28,000 credit card numbers, with losses estimated to be at least $3.5 million. Thousands of credit card numbers and expiration dates were posted to various Internet websites. After an extensive investigation, on March 23, 2000, the FBI assisted the Dyfed Powys (Wales, UK) Police Service in a search at the residence of "Curador," whose real name is Raphael Gray. Mr. Gray, age 18, was arrested in the UK along with a co-conspirator under the UK's Computer Misuse Act of 1990. This case was predicated on the investigative work by the FBI, the Dyfed Powys Police Service in the United Kingdom, Internet security consultants, the RCMP, and the international banking and credit card industry. This case illustrates the benefits of law enforcement and private industry, around the world, working together in partnership on computer crime investigations. Most recently, companies and individuals around the world by the "Love Bug," a virus (or, technically, a "worm") that traveled as an attachment to an e-mail message and propagated itself extremely rapidly through the address books of Microsoft Outlook users. Investigative work by the FBI's New York Field Office, with assistance from the NIPC, traced the source of the virus to the Phillippines within 24 hours. The FBI then worked, through the LEGAT in Manila, with the Phillippines' National Bureau of Investigation, to identify the perpetrator. The investigation in the Phillippines was hampered by the lack of a specific computer crime statute. Nevertheless, Onel de Guzman was charged on June 29, with fraud, theft, malicious mischief, and violation of the Devices Regulation Act. The speed with which the virus was traced back to its source is unprecedented. As a postscript, it is important to note that the Phillippines' government on June 14, 2000 approved the E-Commerce Act, which now specifically criminalizes computer hacking and virus propagation. In addition to the matters mentioned above, we are currently working on numerous cases that require international cooperation. Because these are all pending matters, I cannot comment on them in this hearing. But I can say that the percentage of cases with an international element is increasing significantly. These cases all illustrate the tremendous progress that has been made in the international arena. Countries around the world are addressing the cyber crime problem by creating new computer crime laws, establishing organizations and capabilities to handle investigations, and forging ties across international borders to facilitate investigations. While much work remains to be done, we can point with pride to the considerable advances that have been made in a very short time to strengthen international cooperation against cyber crime. Conclusion Cooperation among governments and between government and industry is the key to combating crime in cyberspace and making the Internet a safe and secure environment for e-commerce and communications. The NIPC has played an important role in fostering such cooperation. With the support of this committee and Congress as a whole, we hope to continue to build on this success. (end Vatis text) (Distributed by the Office of International Information Programs, U.S. Department of State. Web site: http://usinfo.state.gov)