Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

FBI: Several nations eyeing US cyber targets

The chief of the FBI's Cyber Division says cyber threats have grown in sophistication in the past year, and are targeting the US.

About two dozen nations have developed cyber-attack capabilities and have their eyes on targets inside the US government or businesses, the top cybercrime law enforcement official in the US said.

"There are countries who have an interest in obtaining information from the US, in terms of the electronic theft of data," said Shawn Henry, the assistant director in charge of the US Federal Bureau of Investigation's Cyber Division.

Henry declined to name countries, but he called organized attacks on US cyber targets a "significant threat" during a press conference Wednesday. Over the past year, cyber attacks against US targets have become increasingly sophisticated, said Henry, appointed to the top post in the Cyber Division in September.

The FBI has thousands of open investigations into cybercrime and organized cyber attacks, said Henry, who's investigated cybercrime for the FBI on and off for the past nine years. The FBI has also tracked terrorist groups that use cybercrime such as identity theft to fund their operations, he added.

Henry encouraged government agencies and US businesses to worry less about where the cyber threat was coming from and more about how to protect their data and networks.

"They've got to be concerned about the information on their networks and ingress into their networks," he said. "The threat actor shouldn't be all that important to them because once the information is gone, it's gone. If it's a kid from Iowa who steals the information, it can still be turned over to a terrorist organization."

Henry stayed away from giving specific numbers during his briefing, but he said he's seeing an increase in the use of botnets -- networks of compromised computers -- to commit cybercrime. Botnets are being used to send phishing spam e-mail, spread malicious code and attack computer networks, he said.

The FBI is also seeing significant organized crime over the Internet, including traditional organized crime groups moving their operations to the Web and groups of criminal hackers meeting each other and planning crime over the Web. "There are organized groups that are very successful," he said.

Asked if terrorist groups had targeted the US electrical grid or air-traffic control system, Henry declined to single out those sectors. "There are parties that are interested in doing whatever damage they can with the greatest impact on the US," he said.

Henry also talked about governmentwide efforts to fight cybercrime. In January, US President George Bush launched an effort called the Comprehensive National Cybersecurity Initiative. Many of the details are classified, but the FBI is working closely with the US Department of Homeland Security and other agencies to improve cybersecurity inside and outside the US government, Henry said.

Some of the major efforts include educating government agencies and businesses about cyber threats, and recruiting top US workers to the cybersecurity field, Henry said. The US has "lost some of our advantage" in the area of cybersecurity as many students have opted for other careers, Henry said.

The FBI is also working out ways to coordinate sources of information about cyber threats and cyber criminals and share that information across the government and with the private sector, Henry said.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: FBI, Federal Bureau of Investigation, US Federal Bureau of Investigation

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Whitepapers
Latest Stories
Community Comments
Latest Blog Posts
Whitepapers
  • Email Encryption/Decryption and Signing integrated into a comprehensive content security solution
    Clearswift’s SECURE Email Gateway provides an easy to use approach to providing secure email conversations. The technology enables customers to provide the privacy, authenticity and integrity of the communication that secure messaging offers, but without the complexity and high administration cost of other systems. The Clearswift SECURE Email Gateway with integrated encryption technology enables business to communicate with confidence and protects them from the risk of sensitive data loss.
    Learn more »
  • Why Two Thirds of Enterprise Architecture Projects Fail
    This is the conclusion of a study for the R otterdam U niversity carried out by J onathan B roer in the summer of 2008, ordered by BPM and E A software vendor IDS S cheer. B roer questioned 161 respondents from 89 organizations representing a range of industries about their vision and implementation of the enterprise architecture concept.
    Learn more »
  • Teleworking made simple—and secure—with desktop virtualisation technology
    Businesses of all sizes are increasingly focused on creating flexible work environments and offering telework options for employees. By administering policies and providing the technical capability for employees to work remotely, these companies can improve job satisfaction and worker attraction and retention. This paper explores the implementation of teleworking based on a foundation of desktop and server virtualisation.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.