SAN FRANCISCO â€" FBI Director Robert Mueller envisions an afternoon soon when cybersecurity threats will surpass terrorism because the top threat to the us, and in turn turns into the bureau's top priority.
“We're going to take our lessons learned from terrorism and apply them to cyber,†Mueller said during a Thursday keynote at RSA Conference 2012. “Our agents that specialize in cyber could have the top skill sets.â€
Mueller referenced the work of the National Cyber Investigative Task Force and up to date successes it has had in shutting down the CoreFlood botnet, liable for $100M in fraud, and Operation GhostClick, which took down a $14M click fraud operation. He said the duty force will soon have more resources and capabilities, including a structure where its agents will work in a virtual environment to counter the most recent threats to financial institutions, manufacturers and the defense industrial base.
“The final result of those developments is that we're losing data, losing money, ideas and innovation. And as citizens, we're increasingly susceptible to losing our personal information,†Mueller said. “We must be able to forestall the bleeding.â€
Mueller, who was U.S. Attorney for the Northern District of California from 1998-2001, has seen cybercrime evolve from the denial-of-service (DoS) attacks perpetrated by Mafiaboy in 2000 to the rampant lack of payment data and intellectual property today.
“When we caught Mafiaboy, the 15-year-old was at a sleepover, eating junk food and watching Goodfellas. Those look like the best ol' days,†Mueller said. “Today terrorists use the web as a recruiting tool, a money maker and a town square. We've also seen the upward thrust of hacktivists, organized crime syndicates, hostile nation states and mercenaries willing to hack for the precise price. It's imperative we interact to guard our intellectual property, critical infrastructure and economy.â€
Mueller repeated a well-known refrain from his previous talks at RSA â€" he was last here in 2010 â€" calling for improved information sharing between the private and non-private sector.
“Real-time information sharing is crucial and it need to be shared with the personal sector. You should have the means and motivation to work with us,†he said. “The need for a collective approach, true collaboration and timely information sharing hasn't ever been more pressing.â€
The bureau is embedded worldwide; Mueller said there are 63 legal attaché offices globally sharing information and coordinating investigations into cybersecurity threats akin to Operation Ghost Click, which was executed in Estonia, in addition to Long island and Chicago. And China remains a spectre against U.S. interest; the Chinese are habitually implicated in espionage (.pdf) schemes conducted online, similar to those against RSA SecurID and the Operation Aurora attacks.
“Hostile foreign nations seek our intellectual property and trade secrets for military and competitive advantage,†Mueller said. “State-sponsored hackers are patient, calculating and feature the time, money and resources to burrow in and wait.â€
Mueller said systems should be designed with some offensive capabilities, which might include the power to track attacks.
“We cannot minimize vulnerabilities and concentrate on the results,†he said. “Systems must be designed to catch threat actors, not only withstand them.â€
View all of our RSA 2012 Conference coverage.
Nessun commento:
Posta un commento
Comments links could be nofollow free