recommended reading

FBI warns of sweeping global threat to U.S. cybersecurity

The FBI's newly appointed chief of cybersecurity warned today that "a couple dozen" countries are eager to hack U.S. government, corporate and military networks. While he refused to provide country-specific details, FBI Cyber Division Chief Shawn Henry told reporters at a roundtable cooperation with foreign law enforcement is one of the bureau's highest priorities and added the United States has had incredible success fostering overseas partnerships.

Comment on this article in The Forum.He compared the situation to 1999, when he headed the FBI's National Infrastructure Intrusion Center's computer intrusion unit and "there wasn't all that much we could do" in the face of a cyberattack.

Henry said certain countries have mounted aggressive campaigns to attack U.S. Internet assets like the .gov, .mil and .com Web domains. Some are interested in sensitive research and development data, while others, like terrorist organizations, see the value in stealing and selling sensitive data to fund physical attacks.

"The threat that we face from organized groups that have infiltrated home computers, corporate computers, government computers [is] substantial and its impact on economy is a national security concern," Henry said. He then hinted that an announcement, expected Thursday, will be "an example of really good cooperation" between the FBI and foreign counterparts.

The department's caseload of active cybercrime investigations is well into the thousands and the number has increased steadily in the past year, Henry said. That is due to a "greater sense of awareness about the amount of money that is to be made illegally" on the Web, he said. Malicious activity by armies of corrupted computers known as "botnets" and by criminal gangs is on the rise and a chief concern of the agency. Public awareness of the threat is also growing, he said. The FBI's Internet Crime Complaint Center has fielded more than a million complaints since May 2000 and the center hears from 18,000-20,000 victims per month.

At the briefing, Henry would not comment in detail on President Bush's largely classified government-wide initiative designed to better protect federal computer networks, which is being spearheaded by the Homeland Security Department. He shied away from commenting on a forthcoming report by the Center for Strategic and International Studies' Commission on Cybersecurity for the 44th Presidency, which will recommend that government cybersecurity leadership in the next administration should reside at the White House. Both have been topics of hearings in the 110th Congress.

Henry's comments came a day after Homeland Security Secretary Chertoff spoke about the Bush administration's cybersecurity agenda, noting the topic would be a "major priority" for the next president. Unlike other areas of national security, the cyber realm "is not exclusively or even largely a federal responsibility," Chertoff said in a U.S. Chamber of Commerce speech that stressed the important role of the private sector.

Threatwatch Alert

Network intrusion / Stolen credentials

85M User Accounts Compromised from Video-sharing Site Dailymotion

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

    Download
  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

    Download
  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

    Download
  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

    Download

When you download a report, your information may be shared with the underwriters of that document.