SEARCH FINANCIAL SERVICES INFRASTRUCTURE SECURITY SCIENCE INTERVIEWS

 

del.icio.us Slashdot reddit Newsvine

Joseph McShane, Fordham University: ICCS International Conference on Cyber Security High Lights Intelligence Sharing

August 6, 2010

The International Conference on Cyber Security (ICCS) 2010, a joint effort between the Federal Bureau of Investigation and Fordham University, brought together global leaders and representatives from over 40 countries in emerging cyber threat analysis and enforcement at Fordham University's Lincoln Center campus, August 2-5, 2010. Among the top speakers to present at this event was FBI Director Robert S. Mueller, III.

For the second year in a row, Fordham has partnered with the FBI to sponsor this conference. The working relationships between law enforcement professionals and those in the private sector and academia are instrumental in combating cyber crimes worldwide. Representatives from various law enforcement and government agencies, academic institutions, and private industries enjoyed presentations, exhibitions, and access to networking opportunities. Participants discussed advancements in the field of cyber security and emerging cyber threats, in addition to other related topics.

From left to right: Trustee, Fordham University Mark Tuohey; FBI Director Robert S. Mueller, III; FBI New York Acting Assistant Director in Charge George Venizelos, and Chairman of the Fordham University Board of Trustees John Tognino Photo Credit: FBI New York

Speaking at the conference, FBI Director Robert S. Mueller, III said, “No one country, no one company, and no one agency can stop cyber crime. A ‘bar the windows and bolt the doors’ mentality will not ensure our collective safety. Fortresses will not hold forever; walls will one day fall down. We must start at the source; we must find those responsible.”

Acting Assistant Director in Charge of the FBI New York Division George Venizelos said, “We are joined today by our domestic associates as well as representatives from many countries throughout the world. In addition to our domestic partnerships, the international partnerships we share provide invaluable contributions and intelligence sharing efforts for use in examining the field of cyber security. ICCS 2010 has served as a perfect venue to advance the fight against cyber crime.”

President of Fordham Joseph McShane, S.J., welcomed participants to the event. "Learning—information—has a privileged place in the academy. Therefore, it is both natural and providential that Fordham join with the FBI to convene experts in law enforcement, academia, and industry on the integrity of the nation's cyber infrastructure. In its second year, this conference, and the close partnership it represents, is a model way forward in protecting what has become a critical component of the global intellectual marketplace."

FBI New York Special Agent in Charge of the Cyber/Special Operations Division Mary Galligan said, “The growth of cyber crime and the impact it has on the world affects not only the United States, but the international community as well. ICCS afforded the FBI and our foreign law enforcement partners an opportunity to share ideas and enhance the already strong bond that exists around the globe. The mitigation of today's complex cyber crime can only be achieved through collaboration between the public and private sector."

Robert S. Mueller, III
Director
Federal Bureau of Investigation

International Conference on Cyber Security 2010
New York, New York


August 5, 2010

Good morning. It is a pleasure to be here. My thanks to Fordham University for hosting this conference and for co-sponsoring it with the FBI.

It is perhaps a little unusual to start a speech by pausing for five seconds, but that is what I would like to do.

What just happened? In those five seconds, computer users conducted some 170,000 Google searches. An estimated 22 million e-mails were sent—and about 80 percent of those were spam. Users posted at least 3,500 status updates on Facebook and 3,000 “tweets” on Twitter.

Meanwhile, the Automated Clearinghouse—the network that connects all U.S. financial institutions—processed almost 3,000 electronic payments. All of that happened in just five seconds.

We live in a wired world. Our networks help us to stay in touch with family and friends, collaborate with colleagues worldwide, and shop for everything from books to houses. They help us manage our finances and make businesses and government more efficient.

But our reliance on these networks also makes us vulnerable. Criminals can use the Internet to commit fraud and theft on a grand scale, and to prey upon our children. Spies and terrorists can exploit our networks to steal our secrets, attack our critical infrastructure, and threaten our national security. And because the web offers near-total anonymity, it is difficult to discern the identity, the motives, and the location of an intruder.

Yet for too many individuals and businesses, cyber crime remains a nebulous concept. So today, I want to talk about the evolving nature of cyber threats, what the FBI is doing to combat them, and how we can work together to keep them at bay.

Cyber Terrorism

Let me begin with cyber threats to our national security. As you well know, a cyber attack could have the same impact as a well-placed bomb.

To date, terrorists have not used the Internet to launch a full-scale cyber attack. But they have executed numerous denial-of-service attacks and defaced numerous websites.

In the past decade, al Qaeda’s online presence has become almost as potent as its physical presence. Extremists are not limiting their use of the Internet to recruitment or radicalization; they are using it to incite terrorism.

Of course, the Internet is not only used to plan and execute attacks; it is also a target itself. Usama bin Laden long ago identified cyberspace as a means to damage both our economy and our morale—and countless extremists have taken this to heart.

We in the FBI, with our partners in the intelligence community, believe the cyber terrorism threat is real, and is rapidly expanding. Terrorists have shown a clear interest in pursuing hacking skills. And they will either train their own recruits or hire outsiders, with an eye toward coupling physical attacks with cyber attacks.

Apart from the terrorist threat, nation-states may use the Internet as a means of attack for political ends. Consider what took place in Estonia in 2007 and in the Republic of Georgia in 2008. Wave after wave of data requests shut down banks and emergency phone lines, gas stations and grocery stores, even parts of each country’s government. The impact of these attacks left all of us aware of our vulnerabilities.

Counterintelligence and Economic Espionage

Let me turn for a moment to counterintelligence intrusions and economic espionage.

Espionage once pitted spy versus spy and country against country—as we have recently seen. Today, our adversaries sit on fiber optic cables and wi-fi networks, often unknown and undetected. They may be nation-state actors or mercenaries for hire, rogue hackers or transnational criminal syndicates.

These hackers actively target our government and corporate networks. They seek our technology, our intelligence, and our intellectual property, even our military weapons and strategies. In short, they have everything to gain, and we have a great deal to lose.

We are concerned not only about the loss of data, but corruption of that data as well. If hackers made subtle, undetected changes to your company’s source code, they would have a permanent window into everything you do.

Some in the industry have likened this to “death by a thousand cuts.” We are bleeding data, intellectual property, information, and source code—bit by bit, and in some cases, terabyte by terabyte.

The solution does not rest solely with better ways to detect and block intrusion attempts. We are playing the cyber equivalent of cat and mouse, and, unfortunately, the mouse seems to be one step ahead.

We must work to find those responsible. And we must make the cost of doing business more than they are willing to bear.

The FBI: Protecting Our Infrastructure

The FBI pursues cyber threats from start to finish. We have cyber squads in each of our 56 field offices around the country, with more than 1,000 specially trained agents, analysts, and digital forensic examiners.

Together, they run complex undercover operations and examine digital evidence. They share information with our law enforcement and intelligence partners. And they teach their counterparts—both at home and abroad—how best to investigate cyber threats.

But the FBI cannot do it alone. The National Cyber Investigative Joint Task Force includes 18 law enforcement and intelligence agencies, working side by side to identify key players and schemes. The goal is to predict and prevent that which is on the horizon, and to pursue the enterprises behind these attacks.

The task force operates through Threat Focus Cells—smaller groups of agents, officers, and analysts from different agencies, focused on particular threats.

For example, the Botnet Focus Cell investigates high-priority botnets. We are reverse-engineering those botnets, with an eye toward disrupting them. And we are following the money wherever it leads, to find and stop the botmasters.

The recent takedown of the Mariposa botnet is but one example of that collaboration. As you may know, Mariposa was an information-stealing botnet—one that infected millions of computers worldwide, from Fortune 500 companies to major banks.

During a two-year investigation, the FBI worked closely with our overseas counterparts to track down and arrest the main operators of the Mariposa botnet and the original creator of the malicious software that helped to build and control it.

In February, the Spanish police arrested three individuals who used Mariposa to hack into online bank accounts. And just two weeks ago, the Slovenian police identified and arrested the botnet’s creator. This individual had sold the original virus to hundreds of criminals worldwide, and developed customized versions to meet their needs.

The Mariposa takedown sends a clear message to cyber criminals: We are going after both the cyber equivalent of the house burglar—and the person who gives him the crowbar, the map, and the locations of the best houses in the neighborhood.

The skill, dedication, and unprecedented cooperation provided by our partners in Spain and Slovenia were crucial to the success of this effort. In international cases such as this, global cooperation is absolutely essential.

To that end, the FBI has 61 legal attaché offices around the world, sharing information and coordinating investigations with our host countries. We have embedded agents with police forces in Romania, Estonia, Ukraine, and the Netherlands, to mention just a few.

Together, we are making progress. But law enforcement agencies alone cannot defeat our cyber adversaries. In the Mariposa case, our private sector partners also provided valuable help. The Mariposa Working Group, an informal band of security researchers and volunteers, gave us intelligence to track down the subjects, and worked to dismantle the botnet after we made our arrests.

Importance of Private Sector Partnerships

But to stem the rising tide of cyber crime and terrorism, we also need your help.

We in the FBI understand that those of you in the private sector have practical concerns about reporting breaches of your network security. You may believe that notifying the authorities will harm your competitive position. You may have privacy concerns. Or you may think that the information flows just one way—and that is to us.

We do not want you to feel victimized a second time by an investigation. We will minimize the disruption to your business, and safeguard your privacy and your data. Where necessary, we will seek protective orders to preserve trade secrets and business confidentiality. And we will share with you what we can, as quickly as we can, about the means and the methods of attack.

Remember that for every investigation in the news, there are hundreds that will never make the headlines. Disclosure is the exception, and not the rule. That said, we cannot act if we are not aware of the problem. Maintaining a code of silence will not benefit you or your clients in the long run.

It calls to mind the old joke about two hikers in the forest who run into a bear. The first hiker says to the other, “We just need to outrun him.” And the second replies, “I don’t need to outrun him. I just need to outrun you.”

You may well outrun one attack, but you aren’t likely to avoid the second, or the third. Our safety lies in protecting not just our own interests, but our critical infrastructure as a whole.

Conclusion

Following World War I, France built a line of concrete fortifications and machine gun nests along its borders. It was designed to give the French army time to mobilize in the event of an attack by Germany. The secondary motivation was to entice Germany to attack Belgium as the easier target.

As we all know, the Maginot Line held strong for a brief time. However, in the long run, it failed. The Germans invaded Belgium, outflanked the line, and stormed France. In the end, neither fortresses nor fortifications stopped Nazi Germany.

Our success in defeating Germany was built on a united front. We stopped playing defense, and we pushed back, day by day. No one country, standing alone, could have ended that war.

The same is true today, in this new context. No one country, no one company, and no one agency can stop cyber crime. A “bar the windows and bolt the doors” mentality will not ensure our collective safety. Fortresses will not hold forever; walls will one day fall down. We must start at the source; we must find those responsible.

The only way to do that is by standing together. For ultimately, we all face the same threat. Together, we can and we will find better ways to safeguard our systems, minimize these attacks, and stop those who would do us harm.

Thank you all for attending this conference, and God bless.

Terms of Use | Copyright © 2002 - 2010 CONSTITUENTWORKS SM  CORPORATION. All rights reserved. | Privacy Statement