FBI Director: Cyberthreats 'Fluid and Far-reaching'

SAN JOSE, CALIFORNIA -- Hacker hunters need to develop new techniques to take on the latest generation of sophisticated and well-organized cybercriminals, FBI director Robert Mueller told attendees of the RSA Conference 2006 here today.

In particular, Mueller said in a keynote address, the FBI must work with corporations and international law enforcement to help combat online criminal acts that are seldom reported. With growing frequency, organized groups of criminals operating across international borders are perpetrating these acts, the FBI believes.

"Increasingly our cyberthreats originate outside of the United States," he said. "The once-clear divisions of jurisdiction and responsibility between agencies [and nations]...have been rendered obsolete by the fluid and far-reaching nature of today's threats."

Better Coordination

Over the past few years, the FBI has taken steps to strengthen the coordination of cybercrime investigations within the United States. Four years ago, it created its own Cyber Division, and the law enforcement agency has set up specially trained cybersquads in each of its 56 field offices across the United States, Mueller said.

The FBI now has more flexibility to work with international law enforcement and is helping build relationships with those foreign agencies by putting operatives "on the ground" in countries that may be hotbeds for cybercrime. These countries include nations such as Estonia and Romania, according to Steven Martinez, the deputy assistant director for the FBI's Cyber Division, who spoke after Mueller.

While the United States works with other countries on formal and treaty-level arrangements to speed up cooperation, FBI agents are endeavoring to develop direct ties to their counterparts in other countries, Martinez said. "You build those relationships," he said. "Then when you have larger problems come down the line, it's not the first time you've seen each other."

But the FBI's relationships with corporations and consumers, the most common victims of cybercriminals, are key to many of the FBI's investigations, Mueller said. "Information sharing is a two-way street," he said. "We recognize that in certain areas we lack the expertise that you possess."

One example of this type of information sharing occurred shortly after Hurricane Katrina hit the U.S. Gulf Coast last year. Within days, fraudsters had set up bogus Web sites soliciting money under the guise of providing disaster relief. The FBI worked with organizations such as the Red Cross, eBay, and MasterCard International to help shut down the phony sites, and ultimately it referred 100 such cases to local law-enforcement authorities, Mueller stated.

IntraGuard Initiative

Mueller also cited an FBI-backed initiative called IntraGuard that enables 3000 members--from Fortune 500 companies to small, family-owned businesses--to share information with law enforcement on the latest cyberthreats.

In addition, the FBI has helped establish an Internet Crime Complaint Center where about 18,000 "Internet-related consumer complaints" are logged each month, he said.

Still, most law enforcement experts agree that the vast majority of cybercrimes go unreported to law enforcement, with fears of reprisals or adverse publicity creating what Mueller called a "code of silence." (PC World delved into this area of cybercrime in a five-part series last year called "Web of Crime").

"You may believe that notifying authorities may adversely impact your position in the marketplace," he told the RSA Conference audience of computer security experts and vendors. But companies need to take a wider view of the situation, he said.

"Maintaining a code of silence will not benefit you or your company in the long run," Mueller said. "Our safely lies not only in protecting our own interest, but our critical infrastructure as a whole."