Last week, when the Senate’s Subcommittee on Terrorism and Homeland Security held a hearing entitled “Cybersecurity: Preventing Terrorist Attacks and Protecting Privacy in Cyberspace”, the NSA wasn’t the only agency who gave an overview of its actions and practices concerning the subject.
Steven R. Chabinsky, Deputy Assistant Director, of the FBI Cyber Division, also addressed the Subcommittee. He stated that “the FBI considers the cyber threat against our nation to be one of the greatest concerns of the 21st century.”
He also made known that the most sophisticated adversaries are capable of altering software and hardware destined for the US during their passage through the global supply chain route, can remotely intrude on US networks, monitor communication and position insiders within those networks, and that all this may “provide them with pre-positioned capabilities to conduct computer network attacks.”
The FBI has yet to see sophisticated attacks coming from terrorist organizations, but knows that they are aware of the disruptive and damaging consequences of cyber attacks and are “shopping around” for experts outside their immediate circle.
Chabinsky reminded that “terrorists do not require long term, persistent network access to accomplish some or all of their goals. Rather, a compelling act of terror in cyberspace could take advantage of a limited window of opportunity to access and then destroy portions of our networked infrastructure”, adding that the US’ continuing deployment of new technologies lacking adequate security significantly raises the possibility of such an opportunity.
Since cyber crime is a reality, and cyber war has from the very start been a realistic possibility in the minds of those who are designated to protect the nation, the FBI has established (in 2002) its Cyber Division, that has around 2,000 special agents that have received cyber training, and over 1,000 advanced cyber-trained FBI special agents, intelligence analysts, and digital forensic examiners. The Cyber Division’ latest success was the Operation Phish Phry.
The FBI has also established (way back in 1996) and runs InfraGard, a partnership in which both government and private sector experts work on reducing physical and cyber threats against US’ critical infrastructure. The InfraGuard network consists of more than 33,000 members nationwide.
At the consumer level, the FBI organized the Internet Crime Complaint Center (IC3), whose website is the leading national cyber crime incident reporting portal. Its task is to analyze submissions and refer the complaints to law enforcement agencies to investigate.
“Internationally, the FBI operates 75 legal attachÃ© offices and sub-offices around the world to assist in international investigations, including cyber investigations, providing coverage for more than 200 countries, territories, and islands. The FBI’s international efforts have led to the arrest of hundreds of cyber criminals throughout the world, resulting in the dismantlement of major transnational organized crime rings that once preyed on Americans,” Chabinsky reminded the Subcommittee.
The RBS Worldpay case, the Heartland and TJX cases, the aforementioned Operation Phish Phry, the dismantlement of Darkmarket (an online transnational criminal organization that was involved in buying and selling stolen personal and financial information) – these are just a few examples of FBI’s successful collaboration with international partners.