All Companies Will Be Hacked, Thinks FBI Director

[By Sudarshana Banerjee]

Robert S. Mueller, III, director of the Federal Bureau of Investigation (FBI) delivered a speech at the RSA Cyber Security Conference, held in San Francisco, CA, from February 27th. to March 8th.

We thought you may be interested in hearing what he has to say. Following are excerpts from Mr. Mueller’s speech:

  • A few weeks ago, there was a story in The New York Timesabout a woman who was taking a break from work. She was watching YouTube videos on her iPhone when a man walked up, pointed a gun at her, grabbed the phone, and ran.A New York City police officer responded to the call and told her not to worry, that he would find her phone. He grabbed his own phone, opened the “Find My iPhone” app, and typed in the victim’s Apple ID. In seconds, a phone icon popped up, showing that the subject was near 8th Avenue and 51st Street.The officer and his partner headed that way. As they pulled up, the officer pushed a button on his phone, and they began to hear a pinging noise some 20 feet away. The officer hit “Play” once more, and they followed the pinging to its source, which turned out to be in the man’s sock. The Times reporter pointed out that had the subject been tech savvy, he might have known how to disable the iCloud setting and stop the trace. If only every case could be solved so easily, and in less than 30 minutes.
  • Traditional crime—from mortgage and health care fraud to child exploitation—has migrated online. Terrorists use the Internet as a recruiting tool, a moneymaker, a training ground, and a virtual town square, all in one.
  • Terrorists are increasingly cyber savvy. Much like every other multi-national organization, they are using the Internet to grow their business and to connect with like-minded individuals. And they are not hiding in the shadows of cyber space.
  • Al Qaeda in the Arabian Peninsula has produced a full-color, English-language online magazine. They are not only sharing ideas, they are soliciting information and inviting recruits to join al Qaeda.  Al Shabaab—the al Qaeda affiliate in Somalia—has its own Twitter account. Al Shabaab uses it to taunt its enemies—in English—and to encourage terrorist activity.
  • The individuals who planned the attempted Times Square bombing in May 2010 used public web cameras for reconnaissance. They used file-sharing sites to share sensitive operational details. They deployed remote conferencing software to communicate. They used a proxy server to avoid being tracked by an IP address. And they claimed responsibility for the attempted attack—on YouTube.
  • To date, terrorists have not used the Internet to launch a full-scale cyber attack. But we cannot underestimate their intent. In one hacker recruiting video, a terrorist proclaims that cyber warfare will be the warfare of the future.
  • State-sponsored hackers are patient and calculating. They have the time, the money, and the resources to burrow in, and to wait. They may come and go, conducting reconnaissance and exfiltrating bits of seemingly innocuous information—information that in the aggregate may be of high value.
  • Unlike state-sponsored intruders, hackers for profit do not seek information for political power—they seek information for sale to the highest bidder. These once-isolated hackers have joined forces to create criminal syndicates. Organized crime in cyber space offers a higher profit with a lower probability of being identified and prosecuted. Unlike traditional crime families, these hackers may never meet, but they possess specialized skills in high demand.
  • We have cyber squads in each of our 56 field offices, with more than 1,000 specially trained agents, analysts, and forensic specialists. Given the FBI’s dual role in law enforcement and national security, we are uniquely positioned to collect the intelligence we need to take down criminal networks, prosecute those responsible, and protect our national security.The FBI has 63 legal attaché offices that cover the globe. We have special agents embedded with police departments in Romania, Estonia, Ukraine, and the Netherlands, working to identify emerging trends and key players.

    Here at home, the National Cyber Investigative Joint Task Force brings together 18 law enforcement, military, and intelligence agencies to stop current and predict future attacks. With our partners at DHS, CIA, NSA, and the Secret Service, we are targeting cyber threats facing our nation. The task force operates through Threat Focus Cells—specialized groups of agents, officers, and analysts that are focused on particular threats, such as botnets.

  • Last April, with our private sector and law enforcement partners, the FBI dismantled the Coreflood botnet. This botnet infected an estimated two million computers with malware that enabled hackers to seize control of zombie computers to steal personal and financial information. With court approval, the FBI seized domain names and re-routed the botnet to FBI-controlled servers. The servers directed the zombie computers to stop the Coreflood software, preventing potential harm to hundreds of thousands of users.In another case, just a few months ago, we worked with NASA’s Inspector General and our partners in Estonia, Denmark, Germany, and the Netherlands to shut down a criminal network operated by an Estonian company by the name of Rove Digital. The investigation, called Operation Ghost Click, targeted a ring of criminals who manipulated Internet “click” advertising. They re-directed users to their own advertisements and generated more than $14 million in illegal fees. This “click” scheme impacted more than 100 countries and infected four million computers, half-a-million of which were here in the United States.

    We seized and disabled computers, froze the defendants’ bank accounts, and replaced rogue servers with legitimate ones to minimize service disruptions. With our Estonian partners, we arrested and charged six Estonian nationals for their participation in the scheme.


  • Terrorism remains the FBI’s top priority. But in the not too distant future, we anticipate that the cyber threat will pose the number one threat to our country.
  • We are creating a structure whereby a cyber agent in San Francisco can work in a virtual environment with an agent in Texas, an analyst in Virginia, and a forensic specialist in New York to solve a computer intrusion that emanated from Eastern Europe.
  • We must ensure that our ability to intercept communications—pursuant to court order—is not eroded by advances in technology. These include wireless technology and peer-to-peer networks, as well as social media.
  • Following the September 11th terrorist attacks, we increased the number of Joint Terrorism Task Forces. Today, we have more than 100 such task forces—with agents, state and local law enforcement officers, and military personnel—working together to prevent terrorism. We are developing a similar model to fight cyber crime—to bolster our capabilities and to build those of state and local law enforcement as well.
  • Along these same lines, 12 years ago we joined forces to address both the growing volume and complexity of digital evidence. Together with our state and local partners, we created the first Regional Computer Forensics Laboratory in San Diego. Today, we have 16 such labs across the country, where we collaborate on cases ranging from child exploitation to public corruption. Together we are using technology to identify and prosecute criminals and terrorists.Working with our partners at DHS and the National Cyber-Forensics Training Alliance, we are using intelligence to create an operational picture of the cyber threat—to identify patterns and players, to link cases and criminals.

    Real-time information-sharing is essential. Much information can and should be shared with the private sector. And in turn, those of you in the private sector must have the means and the motivation to work with us.


  • We in the Bureau are pushing for legislation to provide for national data breach reporting. This would require companies to report significant cyber breaches to law enforcement and to consumers. Forty-seven states already require the reporting of data breaches, but they do so in different ways and to different degrees.
  • And while you are fierce competitors in the marketplace, you routinely collaborate behind the scenes. For example, Microsoft, Google, Facebook, and Bank of America, along with several other companies, have joined forces to design a system to authenticate legitimate e-mails and weed out fake messages.Public-private partnerships are equally important. Through the FBI’s InfraGard program, individuals in law enforcement, government, the private sector, and academia meet to talk about how to protect our critical infrastructure. Over the past 15 years, InfraGard has grown from a single chapter in the Cleveland FBI Field Office to more than 85 chapters across the country, with more than 47,000 members.

    Recently, after attending a local InfraGard meeting, one member recognized a phishing scam and notified the FBI. We identified 100 U.S. banks that had been victimized by unauthorized ATM withdrawals in Romania. Eighteen Romanian citizens were charged and eight individuals were extradited to the United States. Three have pled guilty, with one sentenced to more than four years in prison.

  • I am convinced that there are only two types of companies: those that have been hacked and those that will be. And even they are converging into one category: companies that have been hacked and will be hacked again. 

    [Image Courtesy: FBI]

    Upload: 03-08-12

Just in

Tech giants urge EU to prioritize digital competitiveness and infrastructure investment

Five major technology companies - Ericsson, IBM, Intel, Nokia, and Vodafone - called on European policymakers to take urgent action to boost Europe's digital competitiveness and keep it a priority for the incoming European Commission.

Covered California implements Google Cloud’s AI solutions

Covered California, California's health insurance marketplace, has announced that it will use Google Cloud's AI solutions to simplify the process of providing health insurance to California residents.