FBI Director Robert Mueller sounded a call to arms at RSA, telling security experts that the country needs their help to fight cybercrime and terrorist attacks. He also enlisted the help of companies, promising greater sensitivity on the agency’s part when investigating breaches. “We know that putting on raid jackets, courting the media, and shutting down your operations does not get the job done,” he said.
The Federal Bureau of Investigation on Thursday joined the Department of Homeland Security in seeking to hire cybersecurity experts from the private sector.
“I want to send out an invitation to those of you in the audience who want to serve the country to join the FBI,” FBI Director Robert Mueller said at the RSA Conference 2010 in San Francisco on Thursday.
Mueller also urged the private sector to cooperate with the FBI in fighting cybercrime, as did DHS Secretary Janet Napolitano when she spoke at RSA 2010 on Wednesday.
Taking On More Staff
The FBI has cybersquads in each of its 56 fields nationwide, and more than 1,000 specially trained agents, analysts and digital forensic examiners who run complex undercover operations, share intelligence with partners in law enforcement and intelligence, and provide training to their counterparts around the world, Mueller said.
It also has mobile cyberaction teams — agents, analysts and experts highly trained in both computer forensics and malicious code — who travel worldwide to respond to fast-moving cyberthreats.
In addition, it has created and leads the National Cyber Investigative Joint Task Force, which combines 17 law enforcement and intelligence agencies to predict what’s on the horizon, to prevent attacks, and to pursue the enterprises responsible for planning them.
The FBI also has small groups of analysts and agents from different agencies who focus on different threats, Mueller said. For example, its botnet fusion focus cell investigates high-priority botnets, reverse engineers those botnets, and searches for their creators.
However, that’s not enough; the FBI is seeking to beef up the ranks of its cybersecurity experts.
“We — both you and I — serve the American people, and we must do everything we can together to minimize and stop these attacks,” Mueller said.
Stand By Me
Without support from the private sector, law enforcement will find it difficult to fight cybercrime, Mueller said.
“We need your help, so let me emphasize the importance of private sector partnerships,” he told his audience.
Mueller pledged that the FBI will minimize disruption to companies that report crimes.
“Historically, there has been a dichotomy between network security and the investigative process,” he pointed out. “We in the FBI understand you have practical reasons for being concerned about reporting breaches of security.”
The FBI doesn’t want enterprises to feel victimized a second time by an investigation, Mueller promised.
“We know that putting on raid jackets, courting the media, and shutting down your operations does not get the job done,” he said, echoing what he said in 2005 when he complained about the reluctance of the private sector to report cybercrime. “For every investigation in the news, there are hundreds that never make the headlines. Disclosure is the exception, not the rule.”
Private enterprises have been reluctant to report cyberattacks for fear that investigations will hurt their operations, a fact acknowledged by the U.S. Department of Justice and other law enforcement agencies.
“We will share with you what we can as quickly as we can about the means and the methods of the attacks,” Mueller said, “but we cannot act if we are not aware of the problem, and maintaining a code of silence will not help you or your clients in the long run.”
For example, the FBI managed to crack a crime ring that stole millions of dollars from more than 280 cities worldwide within 24 hours by using fake ATM cards because the company in question reported the crime, Mueller said.
“In 24 hours, the attackers stole hundreds of millions of dollars in more than 280 cities worldwide,” Mueller told his audience. “If the company hadn’t come forward, we could not have prevented these hackers from hitting their next victim.”
The top three hackers behind this attack are now in custody in eastern Europe, Mueller said.
A New World Cybersecurity Order
Fighting cybercrime effectively requires international cooperation among nations and law enforcement, Mueller pointed out. “Today, no one country, no one company, no one agency can stop cybercrime,” he explained. “We see borders as obstacles, whereas criminals see them as opportunities.”
Cybercriminal gangs cooperate easily across national borders, while law enforcement agencies cannot because of jurisdictional and legal issues and other differences. Some countries also protect well-connected cybercriminals.
The FBI has more than 60 attachÃ©s based in nations around the globe who share information and intelligence with their host countries, Mueller pointed out.
Cooperation between the FBI and Spanish authorities helped crack the Mariposa botnet and take down the three men behind it.
“This case, like so many others, emphasizes the need for global cooperation,” Mueller said.
The FBI has also cooperated with Egyptian authorities to dismantle an intrusion and money-laundering scheme, and with German and other authorities to dismantle “Dark Market,” one of the largest underground markets for stolen cyberinformation.
“Together we must work towards an international standard for dealing with cybercrime,” Mueller said. “We’re playing the cyberequivalent of cat and mouse, and the mouse seems to be one step ahead most of the time.”