Risk
3/2/2012
01:28 PM
50%
50%

FBI Director Urges Attack Intelligence-Sharing

Teamwork between private companies and the bureau on fighting cybercrime is the way "to stop the bleeding," Robert Mueller tells RSA Conference attendees.

FBI director Robert Mueller, in a keynote address Thursday at the RSA Security Conference in San Francisco, urged real-time sharing of cybercrime and threat intelligence between the public and private sectors akin to the type of cooperation forged to fight terrorism post-9/11.

"Real-time information-sharing is essential. Much can and should be done to share with the private sector, and in turn give the private sector the means and motivation to work with us" at the FBI, Mueller said.

The FBI is continuing to build specialized cybercrime task forces to work locally with state and local law enforcement, Mueller said. "It's a similar model to the terrorism task force, but to fight cybercrime," he said. "As we continue to share information, we will continue to break down the walls that [block] our abilities to share such information--the same way we did [after] the September 11 [terrorist] attacks."

Mueller said the FBI now has specialized cybersquads in each of its 50 field offices.

[ See our complete RSA 2012 Security Conference coverage, live from San Francisco. ]

But companies traditionally have been frustrated with sharing their breach information with the FBI and other law enforcement agencies: they say it's more of a one-way street, where they share but then never hear back from law enforcement.

Mueller acknowledged that fear in his speech, and promised that the agency will reciprocate: "You may think the information flow is one-way to us," he said. "We will share what we can and as quickly as we can ... A code of silence will not serve us in the long-run."

He said the FBI understands why companies are hesitant to share their breach information with the bureau. "We do understand that you may be reluctant to report security breaches to us because it may harm you competitively or ... will erode shareholder confidence," he said.

The FBI doesn't want companies to feel victimized a second time by its investigation of the breach, he said.

Read the rest of this article on Dark Reading.

The right forensic tools in the right hands are just a start. The new Digital Detectives issue of Dark Reading shows you how to better apply the lessons they teach. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Bprince
50%
50%
Bprince,
User Rank: Ninja
3/4/2012 | 4:27:17 AM
re: FBI Director Urges Attack Intelligence-Sharing
@readers: some people say sharing information with the government has been largely a one-way street. Have you found that to be true, and how should that be addressed?
Brian Prince, InformatinonWeek/Dark Reading Comment Moderator
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-8617
Published: 2015-03-04
Cross-site scripting (XSS) vulnerability in the Web Action Quarantine Release feature in the WebGUI in Fortinet FortiMail before 4.3.9, 5.0.x before 5.0.8, 5.1.x before 5.1.5, and 5.2.x before 5.2.3 allows remote attackers to inject arbitrary web script or HTML via the release parameter to module/re...

CVE-2015-2209
Published: 2015-03-04
DLGuard 4.5 allows remote attackers to obtain the installation path via the c parameter to index.php.

CVE-2014-7896
Published: 2015-03-03
Multiple cross-site scripting (XSS) vulnerabilities in HP XP P9000 Command View Advanced Edition Software Online Help, as used in HP Device Manager 6.x through 8.x before 8.1.2-00, HP XP P9000 Tiered Storage Manager 6.x through 8.x before 8.1.2-00, HP XP P9000 Replication Manager 6.x and 7.x before ...

CVE-2014-9283
Published: 2015-03-03
The BestWebSoft Captcha plugin before 4.0.7 for WordPress allows remote attackers to bypass the CAPTCHA protection mechanism and obtain administrative access via unspecified vectors.

CVE-2014-9683
Published: 2015-03-03
Off-by-one error in the ecryptfs_decode_from_filename function in fs/ecryptfs/crypto.c in the eCryptfs subsystem in the Linux kernel before 3.18.2 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted filename.

Dark Reading Radio
Archived Dark Reading Radio
How can security professionals better engage with their peers, both in person and online? In this Dark Reading Radio show, we will talk to leaders at some of the security industry’s professional organizations about how security pros can get more involved – with their colleagues in the same industry, with their peers in other industries, and with the IT security community as a whole.