Attacks against sensitive computer systems, such as those victimizing the Canadian government this week, pose a unique problem for law enforcement. The anonymous nature of Internet use means cyber attacks are virtually never traced back to their source, so those responsible can never be brought to justice.
Canadian counter-espionage agents believe the attacks targeting critical federal government financial data originated in China, but cannot seem to narrow the field of suspects beyond a country with more than 450-million Internet users.
When it came to light earlier this month that the Nasdaq, America’s largest electronic Stock Exchange, had been consistently infiltrated by hackers over the past year, even the United States Secret Service working in concert with the Federal Bureau of Investigation (FBI) have been unable to identify the source of the attacks. The best they have been able to surmise so far is those attacks appear to have originated in Russia, but they cautioned the true source could have been anywhere, with the true criminals simply taking control of Russian computers remotely to hide their true location.
“This ‘attribution problem’ is so troublesome that some law-enforcement experts have called for a wholesale reworking of Internet architecture and protocols, such that every packet of data is engraved with the identity of its source,” writes Jonathan Zittrain, professor of law and computer science at Harvard University and co-founder of the Berkman Center for Internet and Society, in the March 2011 edition of Scientific American.