San Francisco -- The director of the Federal Bureau of Investigation (FBI) said this week his agency plans to introduce a malware-analysis system later this year that will let businesses and the public report newly identified malware attacks, upload malware samples and receive reports on them.
In his keynote at the RSA Conference, FBI director James Comey didn't spend much time discussing this newly proposed interactive malware-analysis system, but he did say it would be derived from something the FBI already uses called "Binary Analysis Characterization and Storage System." This is an internal malware-analysis tool used by the FBI in its own cybercrime investigations. Comey said the new system for interaction with the public would be called "Malware Investigator." He didn't go into great detail about how it would work, but said the idea behind it is to treat malware and viruses much like "fingerprints and DNA" that let the FBI identify crime suspects.
"Later this year we'll roll out Malware Investigator," said Comey during the course of his keynote address, in which he mainly spoke on the topic of how the FBI wants to expand its interaction with businesses and others in cybercrime matters in order to better fight growing problems such as massive denial-of-service attacks.
It's not clear how the FBI plans on interfacing with the public in order to share malware samples. But Comey suggested Malware Investigator would offer a way to send a sample into the system and receive a report on it quickly. The idea, he said, is to gather intelligence from many sources on where certain types of malware-oriented cyberattacks may be occurring. It might act as a unified threat-reporting system.
Comey, who is only five months into his position as FBI director, said his predecessor advised him that his job would be increasingly focused on cybercrime issues, such as tracking dangerous botnets and cybercrime syndicates and carrying out computer forensics. He said he has found that to be the case.
Comey voiced some frustration that interactions with businesses hit by cybercrime can be rocky, with the victimized business reluctant to report an incident out of worry that law enforcement will turn the network into a crime scene or that business competitors will use a setback to their advantage.
In addition, Comey noted, "Some suggest there is a conflict between fighting cybercrime and preserving liberty," but he added, "We're looking for security that embraces liberty."
Ellen Messmer is senior editor at Network World, an IDG website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail: firstname.lastname@example.org