New Norton Cyber-Crime Unit Delivers Expertise to Fight Emerging Threats

By Wayne Rash  |  Posted 2011-05-04

New Norton Cyber-Crime Unit Delivers Expertise to Fight Emerging Threats

Symantec took over the U.S. Capitol visitor's center in Washington May 4 to announce the launch of the Norton Cybersecurity Institute. The launch of the new program, which is intended to fight cyber-crime through education of law enforcement, the courts and investigators, is the culmination of a year's worth of planning.

Adam Palmer, who heads the Norton effort, is based at one of the national centers for cyber-crime fighting, near Carnegie Melon University in Pittsburgh. Palmer is an authority on cyber-crime and cyber-terrorism and on the best means of fighting it.

I asked Palmer whether the United States should be expecting some sort of cyber-terrorism in retaliation for the killing of terrorist Osama bin Laden. His response surprised me a little. "It's all crime," he said, "regardless of the motivation."

Palmer, who is the Norton Lead Cybersecurity Advisor for the new Norton Cybersecurity Institute, said that the biggest threat to most people from the bin Laden news will be criminals who will purport to show photos of the dead terrorist as a way to appeal to morbid curiosity. Those photos will contain malware.

"Any time there are events like this, cyber-criminals take advantage of this and exploit people's interest in it," Palmer said. "They quickly adapt technology. They even take advantage of national tragedies. They know people want to see pictures, read stories and will open attachments." Palmer said that an important part of his mission at the Cybersecurity Institute is training law enforcement officers about this kind of exploitation.

He said that the Institute is sponsoring education about emerging threat initiatives and then putting people who have to deal with those threats in a room together as a way to encourage cooperation and collaboration. He noted that in many cases, the Norton Cybersecurity Institute is paying for the travel expenses of law enforcement officers from foreign countries so that they can work with the FBI and other U.S. investigators when they're fighting the same threat.

Palmer is also working with a number of existing groups with similar aims. Those groups include the National Cyber Forensic & Training Alliance (NCFTA), the Society for the Policing of Cyberspace (POLCYB), the Internet Crime Complaint Center (IC3) and the National Center for Justice and the Rule of Law (NCJRL). Palmer said that the Cybersecurity Institute is fostering collaboration with these and other groups, and is providing financial support where it's needed.

The Norton Cybersecurity Institute has been in development for a year, but was formally introduced in Washington on May 4. Palmer is a former Navy JAG officer and prosecutor who specialized in cyber-crime while serving in the Navy. Palmer has been active in cyber-crime training for law enforcement since then, and joined Norton and Symantec to further that work.

Institute Helps Investigators Keep Up with Cyber-Crime


"It's a security software company reaching out not in a way to sell software but as a philanthropic outreach to provide law enforcement the training and collaboration they need," Palmer said. "What I've done is reach out through every chain from the law enforcement officer from the state and local level through attorneys general, the FBI and non-profit groups already supporting them to help make them more successful."

Much of the work of the Norton Cybersecurity Institute is to train prosecutors, attorneys general and judges on how to handle cyber-crime cases once an arrest is made. He said that in addition, they educate law enforcement officials on trends in cyber-crime and cyber-threats, and teach them how to stay up to date on the threats on a day-to-day basis.

One tool that Symantec is making available for free, according to Palmer, is the Norton Cybersecurity Index, a Windows gadget and a mobile site providing constantly updated information on the most significant threats of the day, as well as the general level of cyber-crime.

The Cybersecurity Institute will be rolling out a number of programs this year to help law enforcement and consumers fight cyber-crime. They include a forum for attorneys general and prosecutors, sponsorship with the National Cyber Forensics & Training Alliance, and a series of training conference sponsorships as well as a victim assistance program.

What's notable is that Symantec's Norton division, normally considered the consumer arm of the security company, is the group that's handling the Cybersecurity Institute. Palmer said that the Cybersecurity Institute isn't charging for its services, and is in fact funding many of the groups it's working with and is in many cases paying for expenses of law enforcement officers participating in the programs. "I don't think anybody else is really doing this to the extent we are," Palmer said.

While I suspect that at least part of Symantec's motive in creating the Cybersecurity Institute is to ensure that the company's mindshare remains strong in the face of increasing competition from Microsoft and others, there's no question that the work that the Institute is doing needs to be done. As Palmer pointed out during the interview, cyber-crime moves at the speed of light, but the prosecutors must move at the speed of law.

While the law can move only so fast, it's much more effective if every person and every institution involved with keeping cyber-crime under control knows what they're doing, how the process works and how best to understand the nuances of cyber-crime.

The understanding has to go beyond just the cyber-crime units at the FBI or local and state police departments. Prosecutors have to understand what they're prosecuting, and judges have to understand the cases they're hearing. If the Norton Cybersecurity Institute can accomplish that mission, they'll have made fighting cyber-crime, whether it's identity theft or terrorism, a lot more effective. 


Rocket Fuel