Facing the Cyber Threat
Op-Ed by SAC Stephen D. Anthony

The following opinion piece, published on March 28, 2014, on cleveland.com, was written by FBI Cleveland Special Agent in Charge Stephen D. Anthony. It is scheduled to be printed in the Sunday, March 30, 2014 edition of The Cleveland Plain Dealer.

The Internet touches everything and everyone. For that reason, it has also provided the means for hostile foreign nations, hackers for hire, and criminal syndicates to steal our personal information, intellectual property, technology, and state secrets. Terrorists may seek to strike our critical infrastructure and our economy.

As FBI Director James Comey told Congress last year, we expect threats posed by cyber crime attacks to surpass threats posed by terrorists as our top national security threat.

We here in Northeast Ohio—with our concentration of manufacturers, world-class hospitals, and research universities—are not immune to the threat.

Given the scope of this threat, we in the FBI are working side-by-side with our partners, including the U.S. Department of Homeland Security and the Department of Defense.

We are targeting high-level intrusions—the biggest and most dangerous botnets, state-sponsored attacks, and global cyber rings. FBI agents, analysts, and computer scientists combine technical skills and traditional investigative techniques—including sources and court-authorized interception of communications, surveillance, and forensics—to find and stop cyber criminals. We are working with our federal, state, and local partners and instituting Cyber Task Forces in each of our field offices across the United States, including here in Northern Ohio. Our 64 Legal Attaché offices around the world coordinate international cyber investigations, and we have special agents embedded with police departments overseas in cyber “hot spots” to identify emerging trends and key players.

But we cannot do it alone. Whether it’s a bank robbery, a murder investigation, or a sophisticated cyber intrusion, law enforcement cannot succeed without witnesses and community support. Our private sector partners are the primary victims of the cyber threat, yet they also possess the knowledge we need to stop these attacks.

I understand why businesses may be reluctant to report computer intrusions. They are worried about privacy issues and shareholder lawsuits, loss of competitive edge, and negative publicity. There is still some confusion about the “lanes in the road” when it comes to the federal government and cyber security. And to some it may seem that cooperating with the government is bad for the bottom line.

But former FBI Director Robert Mueller summed it up succinctly two years ago when he said, “There are only two types of companies: those that have been hacked, and those that will be.”

We must overcome companies’ worries to better protect the private sector’s proprietary information and customer data. We must share as much information as we can, as quickly as possible, so that companies can minimize any breach. And we must continue to build strong partnerships. As the special agent in charge, our office, including myself, is committed to being on a first-name basis with key industry partners in our community. Our office needs to know what private sector businesses need from the FBI and how best to protect their interests.

We also need the means to share information instantaneously. Human speed—typing an e-mail or making a phone call—won’t cut it anymore. As a first step, we in the FBI have created a malware repository that provides near real-time investigative information. If your company has been hacked, you can send the malware to us and, in most cases, receive a report within hours on how it works, what it might be targeting, and whether others have suffered a similar attack. In Northern Ohio, we are developing working groups between law enforcement, the private sector, and regulatory groups. These working groups are a first step towards seamless information sharing, which will help identify nefarious actors and protect our community.

We also want to provide an electronic means for reporting intrusions. Through a program called iGuardian, law enforcement and the private sector can share intrusion information, quickly and routinely. These are important steps. We must stop these threats before they become reality.

There has been much discussion of privacy in recent months and a fair amount of suspicion of the government, particularly with regard to electronic communications. Some believe there is an inherent conflict between protecting national security and preserving privacy and civil liberties. I disagree. The men and women of the FBI are sworn to protect both security and liberty. When a city posts police officers in a dangerous park, for example, so that families can use the park without worry, security has promoted liberty. At our best, that is our goal.

But the Internet park we all use is becoming more dangerous, every day. We face serious threats, and we need timely and accurate intelligence—including electronic communications—to stop those threats. If we are going to discuss altering the tools we use to collect information on individuals we believe are connected to criminal or terrorist activity, we must understand the benefits and the losses that may come with any change. The same is true when we allow the effectiveness of those tools to erode over time, through the failure to update our laws, or when our tools become less effective through unauthorized disclosures.

Intelligent people can and will disagree, but we can resolve these issues with open and honest communication. It will not be easy, and we will not always see eye-to-eye, but we must stand together to protect our data, our intellectual property, our economy, and our collective security.