Cyberattacks an 'existential threat' to U.S., FBI says
FBI official warns about increasing cyber-sophistication of rogue states, criminals
Computerworld - WASHINGTON - A top FBI official warned today that many cyber-adversaries of the U.S. have the ability to access virtually any computer system, posing a risk that's so great it could "challenge our country's very existence."
Steven Chabinsky, deputy assistant director of the FBI's cyber division, delivered a strong and urgent warning about the threat of cyberattacks during a presentation Tuesday at the FOSE government IT trade show here. Chabinsky also offered recommendations for countering the threat, including rules that would restrict the ability of some systems to interoperate with more vulnerable ones.
"The cyber threat can be an existential threat -- meaning it can challenge our country's very existence, or significantly alter our nation's potential," Chabinsky said. "How we rise to the cybersecurity challenge will determine whether our nation's best days are ahead of us or behind us.
"I am convinced that given enough time, motivation and funding, a determined adversary will always -- always -- be able to penetrate a targeted system," he added.
Chabinsky said that terrorism is the FBI's top cyber priority, followed by its investigation of foreign countries "that seek every day to steal our state secrets and private sector intellectual property, sometimes for the purpose of undermining the stability of our government by weakening our economic or military supremacy."
Both terrorists and foreign countries are turning to cyber-technologies "to exploit our weaknesses," Chabinsky said.
Cybercrime is increasingly becoming a business and more often than not connected with violent organized crime syndicates. In fact, the FBI has started using SWAT teams to make some cybercrime arrests, said Chabinsky.
White collar criminals are also increasingly involved in such enterprises. Many believe they will never serve jail time, but "increasingly, they are wrong," said Chabinsky.
The FBI has been hiring and training special agents who can "talk the talk" and navigate the online world of cybercriminal enterprises.
Chabinsky urged government organizations to evaluate their risk postures, and ask their providers of security tools "whether they guarantee your system from computer intrusions and malware. If they don't ask them why," he added.
Chabinsky also recommended that agencies use a tier level of service, one that restricts the ability of key systems to interoperate with weak and vulnerable ones.
He also asked that people report intrusions as "a civic responsibility. The FBI cannot be successful without victims coming forward and providing their assistance."
Patrick Thibodeau covers SaaS and enterprise applications, outsourcing, government IT policies, data centers and IT workforce issues for Computerworld. Follow Patrick on Twitter at @DCgov, or subscribe to Patrick's RSS feed . His e-mail address is firstname.lastname@example.org.
- University of North Florida breach exposes data on 107,000 individuals
- Zeus Trojan bust reveals sophisticated 'money mules' operation in U.S.
- GAO slams White House for failing to lead on cybersecurity
- Man charged with attack on Web site of Fox News' Bill O'Reilly
- Heartland breach expenses pegged at $140M -- so far
- IT contractor gets five years for $2M credit union theft
- Democracy would suffer if Google left China, says MIT panel
- Gonzalez accomplice gets five years for hacking TJX
- Threat of cyberattacks from overseas high, federal IT execs say
- Botnets 'the Swiss Army knife of attack tools'
Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.
- Transforming Information Security: Future-Proofing Processes This report provides a valuable set of recommendations from 19 of the world'd leading security officers to help organizations build security strategies for...
- The Evolution of Corporate Cyberthreats Cybercriminals are creating and deploying new threats every day that are more destructive than ever before. While you may have more people devoted...
- 3 Questions to Ask Your DNS Host about Lowering DDoS Risks Neustar has had wide-ranging conversations with clients wanting to know how they can optimize protection as DDoS attacks increase in frequency and size.
- The Danger Deepens: 2014 Neustar Annual DDoS Attacks and Impact Report This report compares DDoS findings from 2013 to 2012, based on a survey of 440 North American companies, including 139 businesses delivering technology...
- Establish Cyber Resiliency: Developing a Continuous Response Architecture Many enterprises fail to proactively prepare the battlefield for a data breach by only leveraging outdated techniques that focus on the perimeter or...
- An Incident Response Playbook: From Monitoring to Operations As cyber-attacks grow more sophisticated, many organizations are investing more into incident detection and response capabilities. In this webcast, learn how to develop... All Cybercrime and Hacking White Papers | Webcasts