As you may know, October is National Cyber Security Awareness Month. Organized by the National Cyber Security Alliance (NCSA), National Cyber Security Awareness Month is an intensive awareness campaign reaching out to consumers, small businesses, educators, children and other stakeholders in order to raise awareness about the importance of computer security and to educate individuals about practices they can use to protect themselves online.

As part of the McAfee Initiative to Fight Cybercrime, announced in October 2008, McAfee is kicking off our McAfee Cares – Cybersecurity for Kids program to teach K-12 students across the U.S. about cybersafety, cyberethics and cybersecurity as part of the month-long activities. McAfee employees in Santa Clara, St. Paul, Plano and Beaverton will be the first to teach this curriculum in their communities. We are very excited to note that over 100 McAfee employees have volunteered to teach students in their local community as part of this pilot program. And because they already see the great value in these important topics, many of the schools have requested more than the initial planned sessions.

NCSA’s 2008 National Cybersafety, Cyberethics, Cybersecurity Baseline Study found that only 22% of educators are comfortable teaching about cyber bullying, identity theft and other types of cyber crime. The NCSA worked with the Department of Education to create curriculum to help fill the gap in cybersecurity education. The curriculum is designed to arm students with age-appropriate tools and checklists surrounding cyber security, cyber safety and cyber ethics, which they can apply to their online experiences. McAfee is adding additional value to the curriculum by including links to our many free resources available to families through programs such as the Cybercrime Response Unit and our Security Advice Center.

Every day, McAfee employees work to protect families, businesses, and governmental agencies from skyrocketing malware and increasingly sophisticated global cybercriminals. We are pleased to bring this program to students in order to extend our impact within our local community.

Though many McAfee employees will be conducting school visits during October, we recognize that cyber security education makes for an important lesson any time of the year!

As you have likely read in the news, President Obama gets it: Cybercrime is real, it is not going away, and it’s time that we make it a priority in the U.S. and abroad.

As the New York Times reported, holes in defenses at the national level allowed “major incidents of thefts of personal identity, money, intellectual property and corporate secrets. They also allowed a penetration of Obama’s campaign.”

Obama also recognizes that government cannot do it alone, there is tremendous value to be had in public/private partnerships. McAfee was thrilled to hear this. As you may know, McAfee’s Initiative to Fight Cybercrime was initiated last year because of the tremendous growth in online crime and the tools to perpetrate these crimes as seen in our Global Threat Intelligence research.

McAfee’s multi-point plan to fight cybercrime continues to roll out with three main areas of priority: education and awareness, policy & legal influence, and research & technology. With our launch of the Cybercrime Response Unit last month, we are providing educational tools to consumers and small/medium businesses to understand online risks and where to go for assistance with the widest breadth of online crimes.

Since McAfee launched the Initiative, we have also provided grants to help educate prosecutors and judges worldwide about cybercrime, through grants to both the Council of Europe and the National District Attorneys Association. In the way of policy and legal influence, our work with the Council of Europe hopes to encourage more countries to become signatories and implement the foundation of the Convention on Cybercrime for easier prosecution across country borders.

We continue to provide expertise in key policy and legislative reviews in Congress about everything from grants to local law enforcement in fighting cybercrime, to better legal language to improve existing and implement new legislation. In the way of research and innovation, we are working with our friends in law enforcement to identify innovative solutions to ease their workload complexity. We introduced version 1 of the Cybercrime Scanner for the CRU which seeks to identity issue areas on a user’s computer which make them vulnerable to cybercrime.

Finally, this month we are implementing a cybercrime forum where our partners and associates in fighting cybercrime can come to exchange ideas and work together in an online forum.

This is all good news. There’s no time like the presence to embrace how important this work is, and to continue to pursue cybercrime from all angles. There’s nothing like hearing it as a priority at a country’s top leadership level to embrace a topic as a priority and make it part of the national – and international – dialogue. Onward we go……

As you may know, McAfee’s Initiative to Fight Cybercrime, announced in October 2008, is a wide ranging initiative aimed at closing critical gaps in the fight against cybercrime. As part of this Initiative, McAfee today announced two new exciting developments: the awarding of our first two grants, and the addition of two new Advisory Council Members.

McAfee’s Initiative to Fight Cybercrime Grants Program was established to provide additional funds to programs that have successfully demonstrated positive steps in the global fight against cybercrime. The grants will be utilized in programs to train law enforcement, prosecutors and judges on cybercrime to make a practical and measurable impact in the fight on cybercriminality.

McAfee’s has awarded grants to the Council of Europe and the National District Attorneys Association.

The Council of Europe has been a true pioneer in the fight against cybercrime with the first international framework, the Convention on Cybercrime, for laws against cybercrime. Adopted by many nations, and underway in many more, the Convention has enabled countries to speak the same “legal language” about cybercrime, reducing the barriers to cross-border arrests and prosecutions. But Council of Europe has not stopped there, it continues to work tirelessly to train law enforcement, prosecutors and judges around the globe. McAfee is thrilled to provide an award to the Council to ensure that such training reaches even more of those around the globe who need it.

In addition, the National District Attorneys Association represents U.S. state and local prosecutors, a key constituency in the prosecution of cybercriminals, education of local populations and assistance to cybercrime victims. The NDAA’s programs include cybercrime education for its constituent of prosecutors. With limited funds themselves, not all prosecutors in all jurisdictions in the U.S. have been able to take advantage of such training. McAfee is thrilled to be able to offer assistance to the NDAA through the grant program so that such important training – now through an electronic training course – reaches even more prosecutors.

Between them, the Council of Europe and the National District Attorneys Association, are doing important work to help arm those pursuing cybercriminals. McAfee is pleased to help strengthen such important programs in the fight against cybercrime.

In addition to the grants, McAfee has also added more strength and diversity to its Initiative to Fight Cybercrime Advisory Council. The Council provides McAfee with important guidance from experts across the field of cybercrime to help inform and influence our important work against cybercrime. This global group is chaired by former White House Cybersecurity Adviser Howard A. Schmidt.

McAfee is pleased to announce both Visa and the Merchant Risk Council as the newest members of this important group. Joe Majka, Visa’s Global Head of Fraud Control & Investigations, manages the Cyber-Security and Investigations group at Visa and has over 28 years of experience in corporate security and criminal investigations, specializing in the area of financial crimes.

In addition, the Merchant Risk Council is a merchant-led trade association focused on the risks from electronic commerce and payments globally with the goal of making electronic commerce more efficient, safe and profitable. Merchant members include global companies such as Microsoft, Ticketmaster, Amazon.com, Google, Yahoo!, Walmart.com, and Travelocity to name only a few of their more than 150 important members from a broad array of industries.

Stay tuned for the exciting launch of the new Cybercrime Response Unit! For more information, be sure to visit: http://www.mcafee.com/fightcybercrime.

The Internet got a little safer last week because Internet access providers pulled the plug, literally, on a company called McColo. 

This is a moment in the fight against cybercrime that we can celebrate. It came about thanks to the important contributions of security researchers and media covering the matter. The research provides us with insight into how the enablers and the criminals operate and can hopefully lead us to important legal actions in the future where the cybercrooks actually get caught, prosecuted and judged.

We applaud the service providers – in this case, Hurricane Electric Internet Services and Global Crossing, who ultimately too the steps to take the enablers of cybercrime offline.

McColo was an online landfill. The company provided a shelter for cybercriminals, allowing them to carry out their nefarious activities. By some estimates the spam operations run from the McColo computers amounted to up to 75 percent of the world’s spam on any given day.  As a result of the action many malware-laden Web sites, data stores for contraband such as indecent images of children as well as command and control centers for major spam operations went offline.

The community should continue its research and ensure that such important work gets to those who can make an impact on cybercrime.  It is a continuing cat and mouse game. In the case of McColo the cybercriminals are likely to regroup and will find new havens elsewhere on the Internet.  So the relief will only be temporary – but measurable.

Certainly there are disagreements on whether this is the best way to handle cybercrime – by taking down the enablers one at a time, rather than waiting to have sufficient data and access to take down the actual criminals.  It’s okay to have disagreement on this while we determine the best way to approach cybercrime.  We should encourage open, frank dialogue among those with different ideas to find effective ways to fight cybercrime – whatever they may be for each country and each situation.

The criminals who used McColo to run their operations are still at large. We need to do more to ensure that laws exist to enable law enforcement to arrest the individuals involved in these crimes.  We as a security community can also do our part to educate law enforcement on the impact such criminal activities have on the faceless victims of these crimes and the businesses who suffer, and ensure every player in the judicial process is armed with the knowledge needed to prosecute.

McAfee’s recently launched Initiative to Fight Cybercrime seeks to do just that and we will work with law enforcement internationally to bring cybercriminals – who impact all of our lives – to justice.