June 25, 2007 – 6:38 p.m.
A burglary victim would not repair a broken window without first alerting the police to the intrusion, so investigators could dust for fingerprints and try to determine who committed the crime. Government officials are trying to send the same message about cyber-intrusions to computer network administrators.
Federal cybersecurity first-responders meeting this week for a conference in Orlando, Fla., will be joined for the first time by nearly 100 assistant U.S. attorneys. The goal is to get those tasked with thwarting cybercrime to understand the investigative and prosecutorial arms of combating the growing cybersecurity threat.
The Government Forum of Incident Response and Security Teams Conference, which begins Tuesday, will feature conversations with computer security professionals from some of the nation’s largest Internet players, including Microsoft, Walt Disney World and Facebook, as well as officials from the FBI, CIA and Secret Service.
Incidents of cyber-intrusion are on the rise. A recent report by Symantec found an average of more than 5,000 denial-of-service attacks a day in the United States, with about 30 percent occurring in the government sector.
But too often, federal officials acknowledge, the focus has been on blocking and mitigating attacks, rather than determining where they come from and holding people accountable. A denial-of-service attack attempts to make a computer system unusable for the intended customers.
“For network defenders, the first impulse is to make the hurting stop,” said Christopher Painter, principal deputy chief of the Computer Crime and Intellectual Property Section of the Department of Justice. “But it’s very helpful that they do the logging and preserve the data that’s needed to determine who’s responsible.”
Painter said that while his unit has been around since 1995, and there are computer hacking and intellectual property network prosecutors around the country, hackers still believe they can evade prosecution and consequences for cyber-attacks, especially if they go through the systems of a foreign country.
By linking the network administrators with the prosecutors, Painter said he hoped more first-responders would understand the tools and information that could help investigators go after cybercriminals and increase the number of prosecutions and convictions.
“The reticence is still there, and the reporting is below where we want to see,” he said. “But all of us are working really hard to get people to come forward about these things.”
Jerry Dixon, director of the National Cyber Security Division of the Department of Homeland Security, said he hoped administrators would begin to understand what to do and what not to do when handling an intrusion. That includes when to keep systems offline so that they can be reviewed by investigators.
“Cyber-attacks move very quickly,” Dixon said. “But after you’ve been a victim and trying to clean up, it takes days to do forensic analysis to determine where it came from.”
But there are alternatives to keeping a crucial system inactive, Dixon said. Hard drives and networks can be digitally copied or logged to investigate a crime while the system is returned to duty. Another method is to keep a duplicate system available, allowing the alternate to run while the affected system is scoured for evidence after an attack without compromising government productivity.
The same can be said for private businesses that face similar cyber-intrusions and risk losing profits by keeping systems offline. Dixon said more than a million usernames and passwords were compromised online last year.
But he also said more companies are reporting crimes to the U.S. Computer Emergency Readiness Team, which DHS runs. In fact, US-CERT has already received more incident reports this year than the 24,000 it logged in 2006.
Painter said the Justice Department needs to end the myth that reporting cybercrime means government agents will confiscate a company’s systems.
“I think it’s still a problem,” he said. “One of the things that has been a core part of our effort is to go out to the private sector and make ourselves known.”
There is also a great deal the prosecutors need to know about the world of cybercrime. While Painter said all of the prosecutors have been specially trained to handle computer cases, they can still learn from the first-responders.
“It’s very important to know how the technology works, and the tech community sees the threat often before we do,” he said. The 92 assistant U.S. attorneys at the conference and other Justice officials will receive technical training and build bridges that can help keep them in the loop on the latest cyberthreats.
The training comes as computer crimes become more sophisticated. Cybersecurity experts agree that lone gunmen and juvenile hackers largely have been replaced by coordinated criminal networks that are more likely to manipulate data for profit or to induce sabotage. Recent computer attacks targeted the government of Estonia for political purposes, and U.S. military officials recently suggested China could attack American computer systems.
Dixon said reported incursions can be linked to similar cases around the world, and an international network of CERTs can help track a hacker who crosses virtual international lines.
He said after federal prosecutors become more engaged, the next step will be to replicate the relationships with state and local law enforcement.
“There’s a lot of attention being paid to cyber, especially when more and more of our infrastructure is reliant on software,” Dixon said. “Everyone has to have the capability to determine where our weaknesses are.”
And, Painter said, network administrators must balance rapid response with criminal reporting.
“Cybersecurity is not really complete unless you have both,” he said. “You can lock the windows and doors, and you should, but unless there’s prosecution, they’re not going to stop, and they’re going to bring their friends.”
Matthew E. Berger can be reached at mberger@cq.com.


