Risk
4/26/2010
11:35 AM
50%
50%

FBI Names Cyber Division Chief

Gordon Snow has experience working on counterterrorism and cybercrimes in Silicon Valley and led the effort to draft a government-wide Cyber Counterintelligence Plan.

The FBI has a new chief responsible for leading the agency's efforts to detect and prevent cyberattacks on U.S. critical infrastructure.

Gordon M. Snow is now assistant director of the FBI's Cyber Division, replacing Shawn Henry, who left the post in January to lead the FBI's Washington Field Office.

Snow most recently was deputy assistant director of the Cyber Division. He has been with the FBI for more than 18 years, starting out as a special agent in Alabama in 1992.

Snow gained significant cybersecurity experience in 2006 as an assistant special agent working in Silicon Valley. At San Francisco Division's San Jose Resident Agency, he was responsible for the counterterrorism, cyber, white-collar crime and violent crime squads.

After a brief stint in Afghanistan the next year, Snow returned to the U.S. and was appointed section chief in the Cyber Division in January 2008. In that role, he led the effort to draft a government-wide Cyber Counterintelligence Plan.

The following year, he was appointed as chief of the Cyber Division's Cyber National Security Section and the director of the National Cyber Investigative Joint Task Force. Later that year, he was promoted to deputy director of the division.

The White House is bolstering cybersecurity efforts across the administration, especially in agencies charged with protecting the U.S. against terrorism and criminal activity at home and abroad, such as the FBI, the National Security Agency and the Department of Homeland Security.

There is evidence to support the ramp up. In recent testimony during his nomination to lead the U.S. military effort against cyber warfare, Lt. General Keith Alexander said the Department of Defense network alone is hit with hundreds of thousands of probes a day that are attempting to detect vulnerabilities in it to stage an attack.

Moreover, in a recently published report, a group of federal IT pros said they believe a major cyberattack against critical U.S. infrastructure is imminent.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading, January 2015
To find and fix exploits aimed directly at your business, stop waiting for alerts and become a proactive hunter.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7402
Published: 2014-12-17
Multiple unspecified vulnerabilities in request.c in c-icap 0.2.x allow remote attackers to cause a denial of service (crash) via a crafted ICAP request.

CVE-2014-5437
Published: 2014-12-17
Multiple cross-site request forgery (CSRF) vulnerabilities in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) enable remote management via a request to remote_management.php,...

CVE-2014-5438
Published: 2014-12-17
Cross-site scripting (XSS) vulnerability in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allows remote authenticated users to inject arbitrary web script or HTML via the computer_name parameter to connected_devices_computers_edit.php.

CVE-2014-7170
Published: 2014-12-17
Race condition in Puppet Server 0.2.0 allows local users to obtain sensitive information by accessing it in between package installation or upgrade and the start of the service.

CVE-2014-7285
Published: 2014-12-17
The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote authenticated users to execute arbitrary OS commands by injecting command strings into unspecified PHP scripts.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.