Good morning and thank you for inviting me
to speak at the opening of today's Third Annual
Cyber Security Summit.
At the outset, I would like to discuss what
I see as the two great threats to cyber-security,
as well as some of the related challenges
we all face as our technology becomes ever
more enabling, while still remaining vulnerable
to attack.
First,
from the FBI’s perspective, there are
a number of traditional crimes that have migrated
online: the garden variety frauds, identity
theft, copyright infringement, child pornography,
and child exploitation.
As you all know, the powerful technologies
that have done so much to improve the quality
of our lives are also being used by some of
the worst elements of our society: small-time
criminals who can take on a whole new persona
on the Internet; malcontents who can find
like-minded hate groups; and scam artists
who think they can escape detection in the
anonymity of the web.
FBI projections indicate that the number of
Internet-enabled crimes will increase radically
over the next few years, with the potential
for driving down consumer confidence in Internet
security and stunting the growth of e-commerce,
neither of which the United States can afford.
The second problem is the evolution of a new
category of crime, which include computer
intrusions, denial-of-service attacks, worms,
viruses, and the like. These types of attacks,
quite obviously, did not exist in the days
before computers, but they are a powerful
threat that we must all address.
In response to these problems, the FBI has
reshaped itself in a number of ways. Shortly
after the 9/11 terrorist attacks, FBI Director
Robert Mueller made terrorism and counterintelligence
the number one and two priorities, respectively,
for the FBI. The FBI has done so, because
there is no other agency with the necessary
skills, network, and resources to address
these critical matters nationally and globally.
At the same time, Director Mueller identified
the danger that cyber threats pose to our
nation and made cyber crimes and intrusions
the FBI's number three priority. In doing
so, the Director recognized not only the rapidly
expanding cyber threat, but also the FBI’s
well-established capabilities and expertise
in addressing these threats. He saw that through
our leadership in establishing the National
Infrastructure Protection Center, and through
our experience—and successes—in
areas like white collar crime, computer investigations,
and Internet child exploitation cases, there
already existed a strong base upon which this
new priority could be pursued.
To emphasize this new priority, Director Mueller
approved the establishment of the Cyber Division
in early 2003, with a mission to detect, prevent,
and investigate cyber-based attacks and high
technology crimes. The cyber division now
stands as one of four operational divisions
in the FBI along with our counterterrorism,
counterintelligence, and criminal divisions.
We believe that with the establishment of
the Cyber Division, the FBI is uniquely postured
to play an important role—and an integral
part—in protecting the technological
infrastructure of the United States from threats
and attacks.
We recognize as we look a few years down the
road, and as technology continues to evolve
and change, the FBI must have the necessary
expertise to address cyber attacks on our
infrastructure and to address cyber-crime
in all of its forms. Since 9/11, we have consolidated
various computer-related investigative responsibilities
within our organization into the Cyber Division.
In doing so, we have sought to aggregate the
technological and investigative expertise
necessary to meet the challenges that lie
ahead.
In further addressing the Bureau's cyber capabilities,
the FBI has significantly changed its hiring
philosophy. In the past we have targeted lawyers,
accountants, former law enforcement, and former
military for recruitment. But with changing
priorities, our hiring practices are changing
as well. What we are looking for now are individuals
with more specific and focused skill sets—skills
that are critical to our mission. Of course
we are targeting individuals with specific
counterterrorism and intelligence backgrounds,
or expertise in critical foreign languages.
And in this world of emerging cyber threats,
we are recruiting and hiring individuals who
possess degrees and experience in computer
sciences, information systems, or related
disciplines. In the wake of 9/11, we are looking
for specialists who possess a bedrock of experience
and a profound understanding of the cyber
world.
In addressing the various cyber threats the
FBI recognizes that we cannot do this work
alone. It is important for us as an agency
to understand that, while we bring substantial
investigative and organizational talents to
the table, there are other law enforcement
agencies who bring equal talents and capabilities
that can be leveraged against these threats
as well.
We are working closely and cooperatively with
our law enforcement partners at the local,
state, and federal level. By combining our
capabilities we can work cooperatively to
maximize the effect.
Finally, the FBI recognizes the importance
of working closely with the private sector
and academia. We recognize that in certain
areas we lack the expertise that you possess,
and that for us to be successful we need your
help.
As we address cyber crimes—whether it
be denial-of-service attacks, hacking attacks,
or worms or the like—we need to work
with you, share with you, leverage your expertise,
and be attentive to your practical concerns.
Those of you who are here from the corporate
world are potentially the real victims in
these cases. And, it is important for us to
understand the very real concerns you have
when your organizations are victimized by
cyber criminals.
We in law enforcement have to understand that
when we are called into an investigation,
the mere fact that you have called on us can
adversely impact your organization’s
image and competitive position in the marketplace.
We in law enforcement have to understand that
there may be legitimate privacy concerns that
you need to protect in order to maintain the
trust of your customers and clients. We must
understand that putting on raid jackets and
coming in hard, with a lot of publicity, will
not necessarily be the kind of help you are
looking for. And, in turn, it may not be the
best way for us to get the job done.
Aside from privacy concerns, we also understand
your concerns regarding the protection of
your intellectual property, which, depending
on the circumstances, could be contained in
media we would have to seize as evidence of
an intrusion into your networks or systems.
We understand that we have a duty to minimize
the disruption to your operations and to protect
intellectual property we may have access to
in the course of an investigation.
I would like to specifically address the subject
of reporting cyber attacks on private sector
computer systems to the FBI. The FBI receives
only about one-third of the reports that we
would like in computer intrusion matters—and,
most likely, for some of the reasons I have
just discussed.
If we as an agency are to become more predictive
and pro-active in the future and prevent cyber
attacks from happening, we need a more comprehensive
intelligence base that will enable us to record
and examine all of the tools and techniques
hackers are using to attack the cyber infrastructure.
So, at the outset, the anchor required in
this effort is for the FBI to be notified
of all attacks.
The other side of this coin is that there
have to be sanctions on the attackers. You
want attacks stopped; you want hackers stopped;
you don't want to face these problems down
the road—so you invest in the best possible
protection. But then the attacker will move
along and victimize the next company. That
is not good for the industry, it is not good
for your partners and peers in the industry,
and it is especially not good for the confidence
of the customers and clients you serve. There
have to be sanctions—and the most effective
sanction is locking these criminals up.
So the successful future of cyber cases lies
not in merely protecting your own systems.
If there are criminals out there who are going
to continue hitting company after company,
it is essential that we go after them aggressively.
The sanction and the most effect deterrent
has to be putting these criminals in jail.
Now, and in the future, we need your cooperation
as victim companies—to help provide
us with the intelligence and evidence that
will enable us to do just that.
The FBI is also working hard to address the
international dimensions of these attacks.
We have enhanced our international capabilities,
because many of the most damaging DDoS and
hacking attacks are initiated from overseas.
Through our 47 legal attache offices overseas
we have established the contacts necessary
that will enable us to address these cyber
threats outside of our borders.
The core principle in all of this is, of course,
cooperation. We must employ cooperative efforts
among law enforcement entities at all levels—cooperative
efforts with our counterparts overseas, and,
critically, cooperative efforts between private
industry and law enforcement—us and
you.
In closing, I want to emphasize that events
like this gathering today enable us with the
opportunity to discuss common issues and threats
and the challenge to explore innovative solutions.
More importantly, though, this event enables
us to establish and solidify the relationships
that will ensure our success in addressing
cyber threats in the future.
I thank you for your attention this morning,
and I applaud you in your efforts to work
so hard together to protect our country against
cyber threats and cyber criminals.
