John D. Memarest, the FBI's Assistant Director in charge of the Cyber Division, spoke before the Senate Judiciary Committee, Subcommittee on Crime and Terrorism, on May 8th.
We see four primary malicious actors in the cyber world: foreign intelligence services, terrorist groups, organized criminal enterprises, and hacktivists.
Dozens of countries have sophisticated cyber espionage capabilities, and these foreign cyber spies have become increasingly adept at exploiting weaknesses in our computer networks. Once inside, they can exfiltrate government and military secrets, as well as valuable intellectual property—information that can improve the competitive advantage of state-owned entities and foreign companies.
Terrorist groups would like nothing better than to digitally sabotage our power grid or water supply. Although most such groups currently lack the capability to conduct sabotage operations over the Internet themselves, the tools and expertise to perpetrate a cyber attack with physical effects are readily available for purchase or hire.
Organized criminal groups, meanwhile, are increasingly migrating their traditional criminal activity from the physical world to the online world. They no longer need guns to rob a bank; they use a computer to breach corporate and financial institution networks to steal credentials, account numbers, and personal information they can use to make money.
These criminal syndicates, often made up of individuals living in disparate places around the world, have stolen billions of dollars from the financial services sector and its customers. Their crimes increase the cost of doing business, put companies at a competitive disadvantage, and create a significant drain on our economy.
Hacktivist groups are pioneering their own forms of digital anarchy, posing novel cybersecurity threats by repeatedly illegally accessing computers or networks for a variety of reasons, including politically or socially motivated goals.
With these diverse actors, we face significant challenges in our efforts to address and investigate cyber threats. While the FBI has already made great strides in developing its capability to address the cyber threat, we are currently prioritizing our immediate and long-term areas for strategic development in order to best position ourselves for the future.
You can read the rest of the statement via the below link: