Feds face new threat paradigms related to cybercrime, terrorism

Sept. 14, 2016
FBI Director James Comey discusses wide range of issues in address at ASIS 2016

While the primary mission of the Federal Bureau of Investigation remains protecting the homeland against terrorist attacks, the agency is facing hurdles like it never has before. In addition, the proliferation of cybercrime and the various schemes being carried out by nation states and criminal enterprises alike are beginning to consume more of the FBI’s time and resources. At ASIS 2016 in Orlando on Tuesday, FBI Director James Comey spoke about these and other issues the agency is currently dealing with as they work to keep the nation safe from threats both foreign and domestic.

Cybersecurity

Comey said that federal agencies as well as private organizations are currently dealing with an influx of cyber threats the likes of which no one has ever seen. The perpetrators of these attacks make up what Comey said he likes to call the “evil layer cake” of actors who essentially fall into five different categories including;

  • Nation states that continue to carry out a number of sophisticated attacks against various U.S.-based entities
  • Cyber syndicates which are essentially criminal enterprises looking to steal and sell information for a profit
  • Those looking to extort money from businesses and government agencies via ransomware and other schemes
  • Individual hackers and groups that seek to cause chaos and disruption as a means of making a political statement or, more simply, just to intimidate and harass others
  • And lastly, terrorist groups, which use the internet to recruit, inspire, proselytize, and recruit and direct attacks.

“How do we see [these threat actors] operating? As I said, increasingly sophisticated, focused on larger targets and increasingly combining multiple tactics, multiple techniques almost all of which involve some effort to harvest inside information and to focus on harvesting that information about your employees through social media ,” explained Comey. “As we’ve made our systems harder and harder to get into from the outside, our people become the weak link.”

Despite their best efforts, Comey said that terrorists have yet to figure out how to use the Internet to physically attack critical infrastructure systems in the West, however, he said that will not always be the case.

“We’ve worked so hard to make it difficult for them, as physical beings, to get into this country. They will eventually try to come in as photons and do some more harm,” Comey added.

Comey said the FBI is focusing on five different ways to contribute to the larger, overarching goals of reducing the vulnerability of public and private sector organizations to cyber threats as well as minimizing these threats and mitigating the damage that can result from a successful network penetration. Among these include:

  1. Better utilizing personnel assets. For many years, Comey said the agency has focused on where a particular crime has occurred, but when it comes to cybercrime, he said the physical manifestation of the crime doesn’t really matter. As a result, the FBI is allowing the best and most qualified agents to work cyber cases regardless of whether or not they occurred in the jurisdiction of their field office. The agency has also formed a cyber action team consisting of various experts who can respond to an incident at a moment’s notice.
  2. Shrink the world. Just as the government has done with its intelligence sharing efforts related to terrorism cases, Comey said they also want to streamline the way all of the different agencies exchange data about cybersecurity incidents so that information gets to the right people in a timely manner.
  3. Impose costs on hackers. Comey firmly believes that prosecuting cyber criminals and locking them up for their crimes would serve as an effective deterrent to hackers to let them know that the nation is not going to stand idly by and let them operate with impunity.
  4. Help state and local law enforcement. Because the FBI can only handle so many cases, Comey said it is imperative that their law enforcement partners on the state and local level be better enabled to investigate cyber-crimes in their jurisdictions moving forward.  
  5. Work better with the private sector. Comey said the fact that so many organizations fail to report that they’ve been victimized by a cyber intrusion to the authorities is disheartening and shows that they need to do a better job of helping companies realize it is their best interests to work with the FBI and other agencies to get to the bottom of these schemes.

“We have to get to a place beyond that where the enterprises that have been victimized or the firms they’ve hired to help them remediate can talk to us about it,” Comey said. “We get that the company’s primary need is to get back to normal but we have to figure out who’s behind the attack and our interests are actually aligned here. It’s foolish for a company to think that we just need to get this out of our system and get on with our lives because they will be back.”

Terrorism

Comey said that the Islamic State has fundamentally changed the way that terror groups operate in how they recruit, train and attack. People who al-Qaida would have never thought about using – drug addicts, criminals and those with mentally health problems – are routinely inspired and encouraged to carry out attacks by ISIS and their affiliates. The challenge for the FBI, according to Comey, is two-pronged: find those who seek to travel abroad to train and fight for ISIS and also find those who may be consuming their online propaganda and are becoming self-radicalized as a result.

Comey believes that when coalition forces eventually destroy ISIS sometime in near future that the “diaspora” of terrorists leaving the region to return to their homes in the West will create an even bigger problem for law enforcement authorities moving forward.

“This ISIL threat dominates our life and there is a piece of it we don’t talk a lot about outside the government but I want you to know we have our eye on it,” he said. “The Islamic State is going to be crushed. But between the fingers of that crush are going to come hundreds of really, really bad people because they’re not all going to die on the battlefield. When the crush happens and the territory is utterly lost, between those fingers are going to come Western Europeans who have now been trained and hardened in extraordinary ways and they are going to flow back into Europe and try to bring the fight back to you.”

One thing that has made the job of the FBI and other law enforcement agencies exceedingly difficult when it comes to tracking suspected terrorists is the increase in communication apps that feature default encryption which allows citizens to essentially “go dark” with their communications. On the other hand, tech companies are obviously sensitive to the privacy of their customers and they have butted heads with authorities in recent months as two sides have been unable to achieve a compromise. However, Comey is hopeful that they can sit down with tech companies sometime early next year to talk about the issue in more detail.

 “We hope to facilitate an adult conversation in this country next year about what can be done about this,” Comey said. “We hope to facilitate a conversation that is filled with information and data where no one is demonized. We all care deeply about safety and privacy on the Internet but we also care deeply about public safety.”  

About the Author

Joel Griffin | Editor-in-Chief, SecurityInfoWatch.com

Joel Griffin is the Editor-in-Chief of SecurityInfoWatch.com, a business-to-business news website published by Endeavor Business Media that covers all aspects of the physical security industry. Joel has covered the security industry since May 2008 when he first joined the site as assistant editor. Prior to SecurityInfoWatch, Joel worked as a staff reporter for two years at the Newton Citizen, a daily newspaper located in the suburban Atlanta city of Covington, Ga.