The FBI released the below report and the above photo:
Yesterday FBI Director James Comey delivered a keynote address at the inaugural Boston Conference on Cyber Security, touching on the current cyber threat landscape, what the FBI is doing to stay ahead of the threat, and the importance of strong private sector partnerships.
The conference, a partnership between the FBI and Boston College’s Cybersecurity Policy and Governance master’s degree program, also features additional expert speakers and panelists who will be covering such areas as emerging technologies, operations and enforcement, along with real-life cyber and national security experiences focusing on risk, compliance, policy, threat trends, preparedness, and defensive strategies.
Cyber threats, said Comey, are “too fast, too big, and too widespread for any of us to address them alone.”
During his remarks, Comey discussed the “stack of bad actors” committing cyber crimes, including nation-states, multinational cyber syndicates, insiders, hacktivists, and—currently to a lesser degree—terrorists (“they have not yet turned to using the Internet as a tool of destruction,” he explained, “in a way that logic tells us certainly will come in the future.”)
And what are these bad actors after? According to Comey, they’re after information, access, and advantage. He further explained, “And we’re not only worried about loss of data, but corruption of that data and lack of access to our own information.”
“Cyber threats are too fast, too big, and too widespread for any of us to address them alone.
James B. Comey, Director, FBI
The public and private sector can help deter this behavior, said Comey, by reducing vulnerabilities, reducing the threat by holding accountable those who are responsible, and mitigating the damage.
The FBI Director also laid out the Bureau’s five-part strategy to address cyber intrusions:
Focusing ourselves better inside the FBI in terms of how we operate and who we hire;
Shrinking the world by clarifying investigative “lanes in the road” here at home and enhancing cooperation abroad;
Imposing costs on this kind of behavior by locking cyber criminals up and/or calling them out through incidents and sanctions;
Enhancing the “digital literacy” of state and local partners through training, equipment, and task forces to make them more effective; and
Working to improve collaboration with private sector entities, the primary targets of cyber intrusions but the majority of whom, according to Comey, don’t turn to law enforcement when they’re breached.
Comey also spoke about the impact of the advent of “ubiquitous strong encryption” on the work of law enforcement and urged the audience to “continue to engage in what is a very complicated and difficult subject.” This so-called Going Dark issue is a growing challenge to public safety and national security that has eroded law enforcement’s ability to obtain electronic information and evidence with a court order or warrant.