New FBI Dir.: “resources devoted to cyber-based threats will equal or even eclipse the resources devoted to non-cyber based terrorist threats”

FBI Director James B. Comey testified before the Senate Committee on Homeland Security and Governmental Affairs yesterday, November 14, 2013.  He expects that the resources devoted to all the many other things that the FBI does will be equaled or even eclipsed by the resources the FBI devotes to cyber threats.  That makes the FBI primarily a cyber agency, a radical change from what it was just 15 years ago or less.

Here are the portions of his testimony devoted to cyber:

Cyber Threats

The diverse threats we face are increasingly cyber-based. Much of America’s most sensitive data is stored on computers. We are losing data, money, and ideas through cyber intrusions. This threatens innovation and, as citizens, we are also increasingly vulnerable to losing our personal information. That is why we anticipate that in the future, resources devoted to cyber-based threats will equal or even eclipse the resources devoted to non-cyber based terrorist threats.

The FBI has built up substantial expertise to address cyber threats, both in the homeland and overseas.

Here at home, the FBI serves as the executive agent for the National Cyber Investigative Joint Task Force (NCIJTF) which joins together 19 intelligence, law enforcement, and military agencies to coordinate cyber threat investigations. The FBI works closely with our all our partners in the NCIJTF, including the National Security Agency (NSA) and the Department of Homeland Security (DHS). We have different responsibilities, but we must work together on cyber threat investigations to the extent of our authorities and share information among the three of us, following the principle that notification of an intrusion to one agency will be notification to all.

While national-level coordination is important to securing the nation, teamwork at the local level is also essential. After more than a decade of combating cyber crime through a nationwide network of interagency task forces, the FBI has evolved its Cyber Task Forces (CTFs) in all 56 field offices to focus exclusively on cyber security threats. In addition to key law enforcement and homeland security agencies at the state and local level, each CTF partners with many of the federal agencies that participate in the NCIJTF at the Headquarters level. This promotes effective collaboration and deconfliction of efforts at both the local and national level.

Through the FBI’s legal attaché offices around the globe and partnerships with our international counterparts, we are sharing information and coordinating cyber investigations more than ever. We have special agents working alongside our foreign police department partners; they work to identify emerging trends and key players in the cyber crime arena.

It is important to note that we are also coordinating closely with our federal partners on the policy that drives our investigative efforts. Although our agencies have different roles, we also understand that we must work together on every significant intrusion and to share information among the three of us, following the principle that notification of an intrusion to one agency will be notification to all.

In addition to cooperation within the government, there must be cooperation with the private sector. The private sector is the key player in cyber security. Private sector companies are the primary victims of cyber intrusions. And they also possess the information, the expertise, and the knowledge to address cyber intrusions and cyber crime in general. In February 2013, the Bureau held the first session of our National Cyber Executive Institute, a three-day seminar to train leading industry executives on cyber threat awareness and information sharing.

One example of an effective public-private partnership is the National Cyber Forensics and Training Alliance, a proven model for sharing private sector information in collaboration with law enforcement. Located in Pittsburgh, the alliance includes more than 80 industry partners from a range of sectors, including financial services, telecommunications, retail and manufacturing. The members of the alliance work together with federal and international partners to provide real-time threat intelligence, every day.

Another initiative the FBI participates in, the Enduring Security Framework, includes top leaders from the private sector and the federal government. This partnership illustrates that the way forward on cyber security is not just about sharing information, but also about solving problems together.

We intend to build more bridges to the private sector in the cyber security realm. We must fuse private-sector information with information from the intelligence community and develop channels for sharing information and intelligence quickly and effectively.

In the last several years, the distribution of malicious software through networks of infected computers, or botnets, by online criminals has emerged as a global cyber security threat. As a response, the FBI developed Operation Clean Slate, a broad team effort to address this significant threat. Operation Clean Slate is the FBI’s comprehensive public-private approach to eliminate the most significant botnet activity and increase the practical consequences for those who use botnets for intellectual property theft or other criminal activities.

In April 2013, the FBI implemented this plan and identified the Citadel botnet as the highest priority botnet threat. Citadel is a type of malware known as a banking trojan. This type of malicious software is designed to facilitate unauthorized access to computers to steal online banking credentials, credit card information, and other personally identifiable information (PII).

Focusing on the Citadel malware, Operation Clean Slate identified the specific actors: the coders who create the botnet, the herders who aggregate victim computers, and the users who utilize the botnet. We also identified intended or actual victims of the botnet.

The FBI and its global partners then took action against Citadel. Through court-ordered authorizations and leveraging industry partnerships, more than 1,400 controlling components of the botnet were disrupted, essentially ceasing its operations. Once these controlling components were rendered inoperable, it is estimated Operation Clean Slate freed more than 2.1 million robot computers from this malicious network.

The FBI must continue to develop and deploy creative solutions in order to defeat today’s complex cyber threat actors. Instead of just building better defenses, we must also build better relationships, overcoming the obstacles that prevent us from sharing information and, most importantly, collaborating.

Tags: , , , , ,

One Response to “New FBI Dir.: “resources devoted to cyber-based threats will equal or even eclipse the resources devoted to non-cyber based terrorist threats””

  1. […] reports that Anonymous hackers have stolen information on more than 100,000 employees, and that it anticipates dedicating at least as many resources to cyber security  as to traditional law enforcement. Also, […]

Leave a Reply

You must be logged in to post a comment.


Untitled Document
Professor William Snyder

Professor William C. Snyderis a member of the faculty of the Institute for National Security and Counter-terrorism at Syracuse University after fifteen years with the United States Department of Justice.

Ryan D. White

Ryan D. WhiteRyan is currently a third year law student at Syracuse University College of Law, and is also pursuing a Master of Public Administration degree from Syracuse’s Maxwell School of Citizenship and Public Affairs. Ryan spent time with Homeland Security Investigations while pursuing his undergraduate degree at Wesleyan University, and spent his first summer of law school as clerk for the U.S. Attorney’s Office in the Western District of New York. He is a member of Syracuse Law Review, the Journal on Terrorism and Security Analysis, and participates in the Veteran’s Legal Clinic. Full biography

Shelby E. Mann

Ryan D. WhiteShelby is a second year law student at the Syracuse University College of Law. During her final year at the University of Missouri, she served as a full-time news producer for ABC 17 News. Shelby spent her first summer of law school at the Shelby County District Attorney General's Office in Memphis, Tenn., in the Public Corruption and Economic Crimes Unit. She is a member of Syracuse Law Review, the Journal on Terrorism and Security Analysis, and the senior editor for the Syrian Accountability Project. Full biography

Christopher w. FolkChristopher W. Folk

is a 2017 graduate of SU College of Law. A non-traditional student, Christopher returned to academia after spending nearly twenty years in the high tech industry. Christopher served in the Marine Corps, graduated from Cornell University with a B.S. In Applied Economics and Business Management, attended Northeastern University’s High-Tech MBA Program and received a M.S. In Computer Information Systems. Christopher previously worked in Software Engineering. Christopher is currently serving his second term as Town Justice for the Town of Waterloo. Christopher externed with a Cybersecurity firm in the Washington, D.C. area between his first and second year at SU College of Law. Full biography

Anna Maria Castillo

Anna Maria Castillois 2016 graduate of Syracuse College of Law. She also holds a Master of Arts in International Relations from Syracuse University's Maxwell School of Citizenship and Public Affairs. She has interned at a London-based think-tank that specializes in transnational terrorism and global security and at the legal department of a defense contractor. She served as an executive editor in the Syracuse Law Review. Full biography

Jennifer A. CamilloJennifer A. Camillo

is a 2015 graduate of Syracuse College of Law and is a prosecutor. She has served as a law clerk in the United States Attorney’s Office for the Northern District of New York and the Cayuga County District Attorney’s Office and as an extern in the Oneida County District Attorney’s Office. She was a member of the Syracuse National Trial Team and was awarded the Tiffany Cup by the New York Bar Association for her trial advocacy achievements.

Tara J. PistoreseTara J. Pistorese

holds Juris Doctor and Masters of Public Administration degrees from Syracuse University's Maxwell School of Citizenship and Public Affairs and its College of Law. She wrote for this blog when a student. She is now a member of the U.S. Army Judge Advocate General's Corps.

Benjamin Zaiser

is both a scholar and a Federal Agent of the Federal Criminal Police Office of Germany. (Opinions expressed here are his own and not any part of official duty.) Full biography