Combining Old, New to Nab CybercriminalsRenewing Call for Gov't-Business Cooperation on Cybersecurity The FBI will combine the methods developed after Sept. 11 to combat terrorism, along with old-fashion gumshoe practices, to battle cybercriminals.
"Terrorism remains the FBI's top priority, but in the not too distant future we anticipate that the cyberthreat will pose the No. 1 threat to our country," FBI Director Robert Mueller said in a March 1 keynote address to the RSA security conference in San Francisco. "We need to apply the lessons of fighting terrorism and apply them to cybercrime."
After the 2001 terrorist attacks, the FBI expanded its joint terrorism task forces that include bureau agents, local and state law enforcement officers and the military to more than 100. "We are developing a similar model to fight cybercrime to build our capabilities as well as those of state and local law enforcement," Mueller said.
But, Mueller said, proven law enforcement methods will be employed to catch cybercriminals. "We must rely on the traditional capabilities of the FBI: sources and wires," he said. "We must cultivate the sources necessary to infiltrate criminal online networks, to collect the intelligences, to prevent the next attack and to topple the network from inside."
Mueller also said he sees terrorists, who employ the Internet to recruit and plan physical attacks, to begin causing digital damage as well. "To date, terrorists have not used the Internet to launch a full-scale cyberattack, but we cannot underestimate their intent," he said. "In one hacker recruiting video, a terrorist proclaims that cyber warfare will be the warfare of the future."
The FBI director echoed remarks he made at RSA Conference 2010, calling for cooperation between government and the private sector to share information on cybersecurity threats (see FBI Chief Calls for Business Cooperation). Mueller pointed out that it's often business that first identities cyberthreats and it shouldn't fear notifying the FBI when a breach occurs. He backed legislation before Congress that would encourage information sharing between government and business that would protect corporate secrets. Many businesses don't want to fess up to a breach because it could harm them with stakeholders.
Mueller also called for enactment of a national breach notification law that would supersede 47 separate state laws. A national breach notification law is seen as easing compliance by businesses that operate in multiple states.