FBI doesn’t have ‘bandwidth’ to handle cyberattack scope

GPS rollover this weekend — NATO launches live exercise next week

 

MO’ MONEY, MO’ PROBLEM-SOLVERS — Cyberattacks represent “a significant challenge” that “exceeds the bandwidth that we have at the moment,” FBI Director Christopher Wray told House lawmakers Thursday during a hearingon the bureau’s fiscal year 2020 budget. “Whatever resources you were to make available to us on the cyber mission could immediately be put to good use,” Wray told Rep. Matt Cartwright when asked if the FBI wanted more than the $70 million increase for its cyber program included in Trump’s budget. The current request would let the bureau hire 25 new analysts to review the vast troves of data generated by every investigation. Wray said the October 2017 Las Vegas shooting produced more than a petabyte of data.

Because it can’t fight every cybercrime, the FBI is focused on training state and local law enforcement to handle low- and medium-severity incidents. “There is a swath of cyber-enabled criminal activity that is affecting businesses that is essentially below the level of sophisticated stuff that the feds typically take on but above the level that currently is in the range of most state and local law enforcement,” Wray said. Through its Regional Computer Forensics Laboratories, the bureau is helping local police “move up-market, if you will, in terms of the kinds of things they can reach.” Wray described this as the FBI teaching their counterparts to fish rather than catching fish for them, so “they can train others in their departments.”

Wray also committed to reviewing Rep. Tom Graves’ bill that would authorize companies to “hack back” against criminals who try to breach their systems. The FBI would be happy to “take a look at any ideas you have,” Wray said. While he carefully avoided endorsing the controversial notion of hacking back, he did say that public-private partnerships against cybercrime will be “a significant paradigm shift” in the next 10 years, “because otherwise we’re not going to be able to stay ahead of the threat.”

SHINE BRIGHT LIKE A DIMON — Here’s another area where cyber is topping someone’s list. “The threat of cyber security may very well be the biggest threat to the U.S. financial system,” wrote JPMorgan Chase CEO Jamie Dimon in a letter to shareholders Thursday. He said the company spends $600 million each year to protect itself and its clients. Dimon also wrote that the federal government should set a national privacy law, and said the company would soon begin talking about ways to address another problem in the future: “The openness of the internet means that trolls, foreign governments and others are aggressively using social media and other platforms to confuse and distort information.”

SUNDAY’S THE BIG DAY — Don’t forget that Saturday’s GPS rollover day, when some older GPS systems may run afoul of a mini-Y2K-like bug. Here’s what we wrote about it before. “If there’s a little bit of risk there, not a lot, that’s introduced into the system, it’s prudent to take reasonable steps to monitor and manage that risk, reduce that risk if possible,” Bob Kolasky, director of the DHS Cybersecurity and Infrastructure Security Agency’s National Risk Management Center, said recently.

THE INTERNATIONAL SCENE

LIVE-CYBER EXERCISE — Locked Shields 2019, an international live-fire cyber exercise that mobilizes cyber experts to practice protecting national IT systems and critical infrastructure under a severe cyberattack, kicks off next week. The five-day exercise, organized by the NATO Cooperative Cyber Defence Center of Excellence, will address the “protection of vital services and critical infrastructure.”

This year’s scenario will take place in the oft scenario-afflicted country Berylia during a critical time while the island nation is conducting national elections. As a number of malicious events coupled with cyberattacks cause severe disruptions in the nation’s critical infrastructure, the goal is for participants to weather the operation of various systems under pressure and understand “national coordination mechanisms, law enforcement options and strategic communications.”

SAMSAM I AMAM — Is there a connection? A top FBI official said Thursday that since U.S. law enforcement took action in November against two Iranians it accused of being behind the SamSam ransomware, which counted the city of Atlanta among its 200 victims over three years, there hasn’t been any additional damage. Tonya Ugoretz, deputy assistant director of the FBI’s cyber division, said the ransomware forced a rethinking of the FBI structure because nearly every one of its 56 field offices was supporting victims of the attack; now, the model is that when there’s a certain type of threat or attacker, there’s one office in charge, other offices running supporting investigations and program management from FBI headquarters bringing it all together.

Ugoretz also said Thursday that U.S. indictments send a signal about how certain the government is in its attribution. Speaking at the same Forcepoint Cybersecurity Leadership Forum, CISA Director Chris Krebs touted a cyber talent management initiative and CISA’s thinking on doing business with companies connected to authoritarian governments.

CLICK HERE TO SUPPORT — Democratic presidential candidate Rep. Tulsi Gabbard on Thursday reintroduced a bill that would require the use of voter-verified paper ballots or a paper ballot backup. She then touted the Secure America’s Elections Act (H.R. 1946) via her campaign. “My bill ensures our upcoming elections are hack-proof by providing the American people with an auditable, reliable, paper record of their votes, protecting against anyone who seeks to manipulate or change the outcome of our elections,” she said in an email to supporters and would-be backers.

LET’S ALL GET ALONG — Major tech industry signatories to a cybersecurity agreement on Thursday backed a series of recommendations aimed at lowering tensions online. The Cybersecurity Tech Accord, which includes tech giants like Microsoft and Facebook, believes the suggestions will reduce the chance of conflict on the internet. The recommendations include developing a list of facilities that are off-limits to cyberattacks; holding cybersecurity exercises for governments and others to participate in; and appointing a “cyber ambassador” to keep everyone in the loop and to track digital capabilities as they develop.

RECENTLY ON PRO CYBERSECURITY — States spent less than 10 percent of $380 million in election security funds in the six months after the Election Assistance Commission made it available last year. … House Science Committee Republicans requested a briefing on FEMA’s exposure of disaster victim data. … DOJ defended releasing an initial summary of special counsel Robert Mueller’s report. … Germany’s top data protection officer said Amazon’s cloud hosting services aren’t suitable for storing the nation’s police data because of potential U.S. snooping. … Massachusetts Institute of Technology is severing funding ties with Huawei and ZTE amid U.S. investigations into the Chinese companies.

TWEET OF THE DAY — You know, that’s a really good analogy.

PEOPLE ON THE MOVE

— Raytheon on Thursday named Teresa Shea vice president of cyber warfare and mission innovations within its intelligence, information and services business. Shea most recently worked as executive vice president of technology at In-Q-Tel, and before that served 32 years at the NSA, including as director of signals intelligence.

This article originally appeared on Politico.com

Source: Politico