News

FBI Teams With International Agencies To Target Cyber Crime

• By Henry Kenyon
• 12/13/2011

The FBI is working closely with international law enforcement agencies to fight cyber criminals on their own turf, said Shawn Henry, executive assistant director of the FBI's Cyber Response and Services Branch, at the recent Cybersecurity Conference and Exposition in Washington D.C.

Henry said cyber crime is a global issue that tops the lists of many other nations' threats, which is why the bureau is embedding agents in law enforcement organizations around the world. There are currently FBI personnel working in Estonia, Ukraine and the Netherlands, he added.

This overseas cooperation has netted some major victories. One example is Operation Trident Breach, in which the FBI worked with international law enforcement agencies to arrest a gang of hackers targeting international financial transactions. After an investigation conducted with the United Kingdom and the Ukraine, Henry said, more than 90 people were arrested in connection with the hacking scheme.

Another FBI action was Operation Core Flood, where the bureau worked with the private sector to disable a botnet that infected more than 2 million computers worldwide. The FBI was able to gather the address and domain names of the infected computers and rerouted command messages to effectively put the network to sleep, he said.

The FBI worked with the Estonian police to arrest six individuals involved in the Ghost Click scam, which was generating illicit fees from bogus online advertising.

Partnership with industry and the broad private sector is vital to stopping cyber crime, Henry said. For example, the FBI has worked with the financial sector to look for weaknesses in the industry's computer networks. Based on this data, the bureau released a joint document to alert the industry to threats, he said.

But despite the bureau's efforts, there continue to be major challenges in cyberspace. The FBI is redoubling its efforts to educate both industry and the public about cyber crime. "This is a human issue, and human beings are the solution," Henry said. 

Companies must evaluate how they transmit data. Henry said lax security must not be tolerated, adding that many firms have good security policies but do not implement them properly. "If it's not conducted by the leadership of the company, then shame on them," he said.

Firms must also be open with law enforcement when there are illicit intrusions on their networks. Many firms delay when they report an incident out of fear of angering their shareholders. But if companies are timely in their reports, it will put them in better standing with regulators. "Most everyone will be breached at some time or another," he said.

Even if a company is unaware of an intrusion, the FBI will often find out before the company does. This usually happens during the course of an investigation when seized data leads back to companies that had been unknowingly breached. The bureau's first priority in these situations is to alert the victims, he said.

The primary responsibility of the FBI with regard to cybersecurity is to work with private industry to protect commercial networks, Henry said. There are many challenges, including security flaws dating from the birth of the Internet that favor criminals. He challenged industry to develop alternate technology environments with built-in authentication and other defenses because new steps are necessary to counter cyber crime.

"They want our money, property, information, and some even want to physically harm us," he said.