RSAC 2019: FBI Chief Urges Closer Public-Private Collaboration in Cyber Fight

During its 111-year history, the FBI has locked horns with everyone from John Dillinger to Lucky Luciano. But when agency chief Christopher Wray talks about the challenges facing his organization, cyber security is right at the top of his list.

Wray, who was sworn in as FBI Director in August 2017, said that both the range of attack methods as well as their sophistication have continued to increase during his tenure.

“The scope of the threat is unparalleled,” said Wray, who was speaking to attendees at the RSA Conference, which takes place this week in San Francisco.

I think in particular, we’re seeing a greater uptick from various adversaries…and an increase in the trend toward blended threats where foreigners enlist the help of mercenaries,” he said. “Certainly, we’re trying very, very hard to stay focused in order to stay ahead of the threat.”

That threat is also coming increasingly from overseas. Wray pointed to recent cases the FBI has prosecuted against hacker groups that he said were affiliated with foreign governments. That in turn, Wray added, has added to the burden his agency – and law enforcement more generally – are now forced to shoulder.

“Today’s cyber threat is bigger than any one government agency,” he continued, adding that “cyber now represents a multi-disciplinary threat that requires a multi-disciplinary response.”

That was the jumping off point for the larger reason for his appearance at a venue for geeks: Enlisting greater help from the technical community in what’s shaping up to be a long-term war of attrition with savvy adversaries operating in the shadows.

“The need for a public-private sector partnership is higher than in any other area,” Wray said. He said that one of his goals is to enlist the support of more companies in the private sector to form relationships before trouble hits. The key, he said, is not just mitigation but prevention.

“At the end of the day, we need each other in a way that’s becoming more and more apparent,” Wray said. “Just as technology has become a force multiplier for the good guys, it has become force multiplier for the bad guys.”

Wray said the FBI is also taking more “forward-looking” steps - including routine classified briefings to give companies cyber security guidance – in a bid to help them better operate in today’s threat environment. He talked about some of the assets that the FBI brings to bear in that effort, which includes:

• 350 offices around the U.S.
• A rapid deployment force that’s equipped to respond to cyber attacks almost anywhere in the world
• A 24-hour cyber watch team that provides victim notification in case of cyber attacks
• Agents working overseas in at least 65 countries

And, he noted, that effort has borne fruit. He referenced an incident where the FBI learned that a hacker had obtained the names of US personnel and then provided the data to ISIS. He said the agency wouldn’t have found out about that breach without the help of their information-sharing program with the private sector.

“I would love to see people come together to work toward solutions,” Wray said, adding that during his 18 months on the job, it’s become increasingly clear “there are solutions if people put their heads together.”

That collaboration has borne fruit. For instance, Symantec has shared its knowledge with the FBI and other law enforcement agencies around the world to help them identify and shut down the attackers’ operations. The company lent informational support to the FBI when the agency dismantled a cyber crime ring that was running a global ad-fraud botnet. The ring had infected as many as 700,000 consumer and data center computers with two types of malware that, together, created counterfeit websites and generated fraudulent traffic to the advertisements on those sites.

All told, the fake visitors generated click-through ad revenue of more than $35 million, paid by businesses unaware that their ads were never actually viewed by real people. The U.S. Attorney’s Office of the Eastern District of New York outlined the scheme in a November 2018 press release that also announced the dismantlement of the network and the arrest of the scheme’s perpetrators.