[ISN] FBI cyber crime chief on botnets, web terror and the social network threat

From: InfoSec News (alerts@private)
Date: Tue Apr 15 2008 - 23:27:54 PDT


http://management.silicon.com/government/0,39024677,39188638,00.htm

By Nick Heath
silicon.com
15 April 2008

Q&A: Scott O'Neal, computer intrusion head, FBI cyber division

Scott O'Neal oversees the FBI's response to computer hacking and botnet 
attacks by criminals, terrorists and foreign powers.

The cyber division is one of the faster growing operational departments 
within the FBI. The growth of international cyber crime and terrorism 
over the past five years has spurred the FBI to establish dedicated 
cyber squads at each of its 56 field offices across the US and support 
70 cyber task forces nationwide, backed up by global intelligence 
gathering by its Internet Crime Complaint Centre.

O'Neal works at the cyber division headquarters at the FBI main office 
in Washington. The division tackles computer intrusion and cyber crime. 
Computer intrusion mainly focuses on criminal hacking and distributed 
denial of service attacks but also deals with terrorist and 
state-sponsored threats. The cyber crime department's main priority is 
tackling child pornography but it also combats online fraud, such as 
phishing, and property rights investigations.

Here, O'Neal talks exclusively to silicon.com:


On the explosive growth of the FBI's cyber division

O'Neal: We are relatively new, we have been around only about five years 
and are the smallest but also probably the fastest-growing among the 
operational divisions. That of course is related to the nature of the 
cyber threat, the volume and the intensity is relatively new to us and 
everybody else. Four to five years ago there were several offices that 
may have had one or two agents tied to a white collar crime squad 
working cyber crime, now every field office has at least one dedicated 
cyber squad.


Social networking sites as infection hotbeds

The social websites are the big target now - MySpace, Facebook...People 
are less careful and more likely to click on a link or download 
something. They are open and people can put links or trade files with 
somebody. I refer to the latest threat report from Symantec, they are 
seeing a shift away from hacking individual computers to web-based 
threats.


How home users are fuelling the botnet networks

We think that this is one area where a lot can be done, individual users 
could do more to educate themselves on security and that would have an 
impact on the overall cyber threat. People are not doing the basics, 
using antivirus software, downloading patches, using firewalls, using 
passwords that are not easy to guess, being careful where they surf and 
what they click on and opening email with attachments coming from 
unknown sources.


Biggest threat facing computer users?

It will be botnets. They can be used for a wide variety of activities 
and also up near the top will be phishing. By volume and the economic 
impact they are right up there.


Cyber crime supermarkets

The marketing of cyber crime in general and botnets in particular is a 
growing threat. We are concerned we do see that because botnets are by 
nature a force multiplier. It's throwing it open to more people.

Terrorists on the web

We do know that terrorist organisations and jihadi groups use the 
internet for many purposes - communications recruiting, propaganda, 
intrusions and for internet fraud.


Cost of cyber crime

It ranges widely from 200bn down to 10-20bn. A lot of it doesn't get 
reported and there's different kinds of losses. There's the loss of 
dollars where an account has money stolen from it and then there's cost 
to a business where it has to fix damage to a network and damage to 
reputation in some circumstances.


-==-
Let identityLoveSock take your personal information into 
their wanting hands. http://www.identity-love-sock.com/ 
Because victims have money too. 



This archive was generated by hypermail 2.1.3 : Tue Apr 15 2008 - 23:33:19 PDT