FBI Faces Fresh Cyber Threats
JANUARY 29, 2007 | NEW YORK -- From dirty bombs and high-tech spies to teenagers planning DOS attacks with Sony PlayStations, the F.B.I. has its hands full with a growing number of cyber-threats, according to David Thomas, deputy assistant director of the agency's science and technology branch.
The official, a keynoter at a conference here today, warned that the Internet is more important to
Senior officials, such as 9/11 Commissioner Jamie Gorelick and former presidential security adviser Richard Clarke, have already highlighted the cyber-threat posed by groups such as Al-Qaida, although this is just one of many issues on Thomas's desk. (See U.S.: Al Qaeda Eyeing Cyber Threats.)
A new breed of hackers, for example, is emerging in eastern Europe, posing a fresh challenge to corporate
For some time now, eastern Europe has been the cyber-equivalent of the Wild West, with governments struggling to clamp down on hackers and organized crime. Even Thomas has been a victim. "I gave an interview for the Wall Street Journal last January on eastern European hacking groups and within four hours my accounts had been cleared out," he said.
The official explained that the next frontier in the battle against cyber-crime is further east. "Strategically, all my people are looking at China -- you have got a lot of people [there] that are tech-savvy," he said, explaining that, in a population of around 1.5 billion, even a tiny percentage of cyber-criminals could cause major problems for American firms.
Against this backdrop, businesses should start rethinking their storage and VOIP security strategies, according to Thomas. "Companies need to look at the way they store their data," the official told Byte and Switch, adding that CIOs can make a hacker's life more difficult by storing customer names, dates of birth, and social security numbers on separate servers.
VOIP also presents big challenges, according to the official. "There was a case out of
The fraudster, apparently, was making $1.5 million a year simply by hacking into telecom firms' VOIP switches. This trend, warned Thomas, is on the rise. "We have seen a tremendous increase in hacking into public bridges," he explains, adding that hackers targeting VOIP switches can cost a telecom around $70,000 a month in lost revenues.
Then there is the ongoing threat posed by geeky, yet technically gifted, adolescents. To illustrate his point, Thomas related the story of an FBI raid on the home of 15-year-old American hacker, who was suspected of causing a major Denial of Service (DOS) attack in
Despite the feds confiscating all the kid's computers, he somehow used the Linux operating system on his Sony playstation to get back online and buy replacement gear. "That night, he wrote a DOS attack that knocked the FBI.gov Website off for three days," added Thomas, prompting laughter from the audience.
A number of vendors used today's LegalTech event to unveil new products and talk about their roadmaps. SAN specialist Xiotech, for example, announced plans to integrate its products with a new set of compliance-related services. (See Xiotech Intros Products, Services.)
These solutions, according to Mike Stoltz, the vendor's vice president of marketing, will be geared around initiatives such as the Federal Rules for Civil Procedure (FRCP), and will be available later this quarter. (See FRCP Tip Sheet.) The vendor, he added, has also got its eye on possible M&A in areas such as e-discovery and consulting. "You will see some announcements from us very shortly," he explained.