FBI’s Top Cyber Official Discusses Threat
FBI.gov recently sat down with Shawn Henry to talk about the cyber threat and his FBI career.
In the past, in the physical world when somebody would rob a bank, the pool of suspects is limited to the number of people in the general vicinity of that bank.
Today when a bank is robbed digitally, virtually, although it is very real for the victims, the money is actually gone; the pool of suspects is limited to the number of people on the face of the earth that have a laptop and an Internet connection, because anybody with an Internet connection potentially can attack any other computer that’s tied to the network. So the barrier of entry is relatively low.
I think that going forward, this is not going away. I mean, we are not backing away from the Internet. We are not going to change technology.
As technology increases, this challenge becomes greater so when I started the threat was really to networks—mostly corporate networks—but since that time we moved into laptops and wireless laptops and then more recently into personal devices, whether it be smart phones, blackberries—those sorts are devices that allow access to the network anytime, everywhere.
Early on when I started there were website defacements and denial of service attacks and it was perceived, I think, generally to be kind of a prank by teenagers. But even then there were state actors sponsored by governments who were attacking networks, so while what got the attention of the media was the teenage hacker and those defacements because they were visible, quite frankly, there were more significant types of attacks and a more substantial threat actor that was in the background and was creating a challenge to our infrastructure.
We see three primary actors. Organized crime groups that are threatening, primarily the financial services sector, but more and more they are expanding the scope of their attacks. State sponsors, foreign governments that are interested in pilfering data, including intellectual property and research and development data from major manufacturers, from government agencies, from cleared defense contractors.
And increasingly there are terrorists groups who want to impact this country the same way they did 10 years ago by flying planes into buildings and they are looking at how they can challenge the United States and others in Western society by looking at critical infrastructure and to disrupt or harm the viability of our way of life.
I think we have grown substantially, particularly in the last four or five years, where we have hired much more technically proficient agents, many of whom have advanced degrees in computer science or information technology. They’ve got prior work experience as a systems administrator or as a network security technologist and we bring them onboard now and teach them to be FBI agents rather than trying to teach FBI agents how the technology works. So it’s given us a leg up in that regard and put our capabilities on par with anybody in the world.
We have actually stationed FBI agents overseas into the police agencies in a number of countries including Ukraine, Romania, The Netherlands, Estonia. These are not people that are assigned to the embassies as liaisons officers. These are FBI agents who are working 100 percent of their time in cyber space against cyber actors and they are sitting side by side with their colleagues in the national police agencies of those countries.
For many, many years when I was working in this space, the adversaries believed that they were immune to any type of prosecution because they were thousands of miles away in a foreign country with different laws and a law enforcement agency with different capabilities. That’s not the case anymore. We really, through our partnerships, have arrested hundreds and hundreds of bad actors who have targeted U.S. infrastructure, U.S. institutions, as well as foreign institutions and foreign infrastructure. But working together collaboratively we have been able to have an effective mitigation impact.
In the past, the FBI investigated cases and the goal was to arrest somebody. What we’ve learned post-9/11 is the value of intelligence in a number of ways. First, collecting intelligence is important because we have access to a lot of information.
Collecting intelligence allows us to be much more strategic about how we utilize our resources. It enables us to be much more effective in how we mitigate the threats. And by sharing the intelligence we collect with others who maybe to action where we can’t.
I have seen the collection that we’ve done in this organization, lawful collection of intelligence, that has helped prevent attacks, that has helped prevent crime, that has helped save lives.
And that is something that I’m proud of the organization for doing because it was a big change and sometimes change is hard but the leadership of this organization and the willingness of our agents and analysts to execute on that vision has made us a much stronger organization and made this country much, much safer.