Cyber-terrorism a real and growing threat: FBI

Mar 05, 2010 by Glenn Chapman
Terrorists, crooks and nation states are ramping up cyberassaults that are eating away at data, cash and security in the US, according to the head of the FBI, Robert Mueller (pictured in February).

Terrorists, crooks and nation states are ramping up cyber-assaults that are eating away at data, cash and security in the United States, the head of the FBI warned.

"The risks are right at our doorsteps and in some cases they are in the house," chief Robert Mueller said in a Thursday speech at an RSA Conference of computer security professionals here.

"Working together we can find the people taking shots at us and stop those attacks."

Mueller was the third high-ranking federal official in as many days to urge private industry to join forces with the US to battle spies, terrorists and crooks plaguing the Internet.

"As you well know, a could have the same impact as a well-placed bomb," Mueller said.

"In the past 10 years, Al-Qaeda's online presence has become as potent as its in-world presence."

Al-Qaeda uses for the Internet range from recruiting members and inciting violence to posting ways to make bio-weapons and forming social-networks for aspiring terrorists, according to Mueller.

"The cyber-terrorism threat is real and rapidly expanding," Mueller said.

"Terrorists have shown a clear interest in hacking skills and combining real attacks with cyber attacks."

Threats are also rising from online espionage, with hackers out for source code, money, trade and government secrets, according to the FBI.

"Every major company in the US and Europe has been penetrated -- it's industrial warfare," said Richard Clarke, who was a White House adviser under three prior US presidents.

"All the little cyber devices that the companies here sell have been unable to stop them. China and Russia are stealing petabytes of information."

Clarke, now a partner at Good Harbor Consulting firm, was among the RSA panelists discussing cyber-warfare.

"Nation states have created cyber-warfare units. They are preparing the battlefield," Clarke said.

"We have the governments of China and Russia engaging in daily activities successfully that the US government and private industry are not stopping and they are stealing anything worth stealing."

Even seemingly innocuous information about companies is swiped for "spearphishing" attacks in which hackers dupe influential employees into downloading malicious computer codes into company networks.

"We are bleeding data... byte by byte and in some cases terabyte by terabyte," Mueller said.

"We are playing cat and mouse and, unfortunately, the mouse seems to be one step ahead most of the time."

Mueller urged computer security professionals to join in a united, international alliance with law enforcement agencies to battle enemies in cyberspace.

He credited such teamwork with resulting in the recent arrest of three men in Spain suspected of running a network of nearly 13 million computers secretly infected with malicious software and used for nefarious deeds.

Mueller called on victims of cyber-attacks to break the pattern of remaining silent out of fear that reporting crimes would hurt their positions in the marketplace.

"Maintaining the code of silence will not benefit you or your clients in the long run," Mueller said. "We must continue to do everything we can together to minimize and stop these attacks."

Mueller invited savants to join the FBI, echoing a similar offer extended a day earlier by US Department of Homeland Security Secretary Janet Napolitano.

White House Internet security coordinator Howard Schmidt on Tuesday at RSA released a declassified version of a Comprehensive National Cybersecurity Initiative.

CNCI was crafted as the result of a directive signed by then-president George W. Bush in January 2008.

Explore further: Facebook dressed down over 'real names' policy

add to favorites email to friend print save as pdf

Related Stories

Cyber warriors gather as online battles rage

Feb 28, 2010

US national security leaders and top cyber warriors from around the world are gathering here to plot defenses against criminals and spies that increasingly plague the Internet.

Obama setting up better security for computers

May 29, 2009

(AP) -- America has for too long failed to adequately protect the security of its computer networks, President Barack Obama said Friday, announcing he will name a new cyber czar to take on the job.

'New arms race' taking shape in cyberspace: Van Loan

May 27, 2009

A "new arms race" is taking shape in cyberspace, Canada's security czar said Wednesday, lamenting ever bolder and more sophisticated attacks on government websites by Russia, China and others.

UK looks to young geeks to secure cyberspace

Jun 25, 2009

(AP) -- Britain is hiring former computer hackers to join a new security unit aimed at protecting cyberspace from foreign spies, thieves and terrorists, the country's terrorism minister said.

Recommended for you

Facebook dressed down over 'real names' policy

16 hours ago

Facebook says it temporarily restored hundreds of deleted profiles of self-described drag queens and others, but declined to change a policy requiring account holders to use their real names rather than drag names such as ...

Yelp to pay US fine for child privacy violation

23 hours ago

Online ratings operator Yelp agreed to pay $450,000 to settle US charges that it illegally collected data on children, in violation of privacy laws, officials said Wednesday.

User comments : 8

Adjust slider to filter visible comments by rank

Display comments: newest first

finitesolutions
Mar 05, 2010
This comment has been removed by a moderator.
Royale
1 / 5 (1) Mar 05, 2010
well, the name suits you. finitesolutions are certainly a way to describe your idea. 'drop dead'. How informative. I think many of us will take that advice. I think the scary thing that people don't realize and the FBI is pointing out is that virus writers/hackers test all of their code against all the major scanners. So your system can come up clean and still not be. You need to make sure EVERY piece of your network is secure. Right down do your home router. you need to disable online access to it and change the default password. that's before you even turn your computers on.
Doug_Huffman
not rated yet Mar 05, 2010
"They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety." * This was written by Franklin, but with quotation marks.
smilest
not rated yet Mar 05, 2010
He and the rest of the authorities are very nieve. They can throw gobs of money and people at it, but the real problem is it's mis-managed. The policies of government along with the policies of corporations and unwise laws passed by congress are contributing to the problem.

the directors and politicians and other people need to step back and let the engineers come up with the solutions. Those in charge are currently trying to fill up the bucket, but they haven't fixed any of the holes.

First, congress needs to pass a privacy bill which protects individule privacy a LOT more than it does now. Restricting companies from using personal information in any way other than billing purposes. If that happens, half the problems go away right there.

Second, we are the host nation to the internet and we need to maintain control of it. That means we do not give any control of any part of it to any foreign entity.

Third, get out of the way and let us engineers do our stuff.
RayCherry
not rated yet Mar 05, 2010
The Internet does exactly what it was intendended to do: it permits computers to be connected to a global network for the purpose of sharing information. If you do not want to share your information, then do not put it on the Internet. There never was a complete solution for security or privacy on the Internet, and all attempts to provide it are 'brain teasers' for millions of computer programmers/engineers who enjoy going wherever they are not invited. Give them an income for doing what they enjoy, and sooner or later they become mercenaries. Governments and Corporations have been hiring them for decades, funding independent comercial ambition with little or no moral, social or (open) political guidance, nor any thought for the long term consequences ... reap what you sow.
hylozoic
not rated yet Mar 06, 2010
What's been sown? secrecy, not freely and equally exchanging information, introduction of noise into the IS... this guys 'call to arms' has me without a dry seat! Best quote: "We are bleeding data..." hahahaha! What a total nubbie.
Bitflux
not rated yet Mar 06, 2010
It's impossible to secure IT systems - statistically there is a hackable bug pr. 20 lines of code in any program... They can patch till their fingers bleed, it wont help.
If youve been hit by one of the "good hackers", you wont even know theyve been there, they wont leave a trace behind.
People keep talking about good firewalls, but why hack a firewall, when you can abuse a poorly written piece of code that communicates through the firewall and take over the box on the other side.
Caliban
1 / 5 (2) Mar 06, 2010
Essentially, instead of having just one "set" of hackers- you end up with two- or, at the very least, a crime control effort will, at some point, just morph into wholesale internet surveillance in the name of "security".
It's a lot easier to net sardines than land a whale, and pound for pound, they add up pretty quick.
KB6
not rated yet Mar 07, 2010
The one thing that never ceases to amaze me is the number of times that hackers have gained access to sensitive data, like credit card or social security numbers, financial data, medical information, passwords, etc., that was apparently sitting in some server somewhere totally UNENCRYPTED!
I mean, how damn hard is it to implement a simple encryption scheme?