Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

1/29/2007
07:35 AM
50%
50%

FBI Faces Fresh Cyber Threats

Deputy director talks terrorists and teenagers, warning US firms of new cyber threats

NEW YORK -- From dirty bombs and high-tech spies to teenagers planning DOS attacks with Sony PlayStations, the F.B.I. has its hands full with a growing number of cyber-threats, according to David Thomas, deputy assistant director of the agency's science and technology branch.

The official, a keynoter at a conference here today, warned that the Internet is more important to U.S. national security than ever before. "We know that terrorists would like to create a dirty bomb," he said, explaining that his agency has to keep this know-how within the U.S. "Spying is changing -- whereas before people had to travel to the U.S., now they don't have to."

Senior officials, such as 9/11 Commissioner Jamie Gorelick and former presidential security adviser Richard Clarke, have already highlighted the cyber-threat posed by groups such as Al-Qaida, although this is just one of many issues on Thomas's desk. (See U.S.: Al Qaeda Eyeing Cyber Threats.)

A new breed of hackers, for example, is emerging in eastern Europe, posing a fresh challenge to corporate America. "They are using brokerage accounts to manipulate stocks now," warned Thomas. "If you have a brokerage account, you have to watch it like a hawk."

For some time now, eastern Europe has been the cyber-equivalent of the Wild West, with governments struggling to clamp down on hackers and organized crime. Even Thomas has been a victim. "I gave an interview for the Wall Street Journal last January on eastern European hacking groups and within four hours my accounts had been cleared out," he said.

The official explained that the next frontier in the battle against cyber-crime is further east. "Strategically, all my people are looking at China -- you have got a lot of people [there] that are tech-savvy," he said, explaining that, in a population of around 1.5 billion, even a tiny percentage of cyber-criminals could cause major problems for American firms.

Against this backdrop, businesses should start rethinking their storage and VOIP security strategies, according to Thomas. "Companies need to look at the way they store their data," the official told Byte and Switch, adding that CIOs can make a hacker's life more difficult by storing customer names, dates of birth, and social security numbers on separate servers.

U.S. firms also need to reappraise their perimeter security. "There's an over-reliance on firewalls -- [CIOs] think that they can do everything, but they can't," he said adding that firewalls and intrusion prevention systems (IPSs) often possess too many vulnerabilities of their own.

VOIP also presents big challenges, according to the official. "There was a case out of Newark [where] a guy had set up his own private network where he was stealing bandwidth from the private telephone companies," he explains.

The fraudster, apparently, was making $1.5 million a year simply by hacking into telecom firms' VOIP switches. This trend, warned Thomas, is on the rise. "We have seen a tremendous increase in hacking into public bridges," he explains, adding that hackers targeting VOIP switches can cost a telecom around $70,000 a month in lost revenues.

Then there is the ongoing threat posed by geeky, yet technically gifted, adolescents. To illustrate his point, Thomas related the story of an FBI raid on the home of 15-year-old American hacker, who was suspected of causing a major Denial of Service (DOS) attack in Cyprus.

Despite the feds confiscating all the kid's computers, he somehow used the Linux operating system on his Sony playstation to get back online and buy replacement gear. "That night, he wrote a DOS attack that knocked the FBI.gov Website off for three days," added Thomas, prompting laughter from the audience.

A number of vendors used today's LegalTech event to unveil new products and talk about their roadmaps. SAN specialist Xiotech, for example, announced plans to integrate its products with a new set of compliance-related services. (See Xiotech Intros Products, Services.)

These solutions, according to Mike Stoltz, the vendor's vice president of marketing, will be geared around initiatives such as the Federal Rules for Civil Procedure (FRCP), and will be available later this quarter. (See FRCP Tip Sheet.) The vendor, he added, has also got its eye on possible M&A in areas such as e-discovery and consulting. "You will see some announcements from us very shortly," he explained.

Elsewhere, Iron Mountain announced a partnership with e-discovery specialist Stratify and classification vendor Kazeon changed the user interface on its IS1200-ECS device, which its claims will make it easier for lawyers to use. (See Iron Mountain Forges Alliance and Kazeon Reduces Cost of E-Discovery.)

— James Rogers, Senior Editor Byte and Switch

  • Iron Mountain Inc. (NYSE: IRM)
  • Kazeon Inc.
  • Sony Corp. (NYSE: SNE)
  • Xiotech Corp.

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    News
    Inside the Ransomware Campaigns Targeting Exchange Servers
    Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
    Commentary
    Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
    Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon
    Current Issue
    2021 Top Enterprise IT Trends
    We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
    Flash Poll
    How Enterprises are Developing Secure Applications
    How Enterprises are Developing Secure Applications
    Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2021-31414
    PUBLISHED: 2021-04-16
    The unofficial vscode-rpm-spec extension before 0.3.2 for Visual Studio Code allows remote code execution via a crafted workspace configuration.
    CVE-2021-26073
    PUBLISHED: 2021-04-16
    Broken Authentication in Atlassian Connect Express (ACE) from version 3.0.2 before version 6.6.0: Atlassian Connect Express is a Node.js package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Express app occurs with a server-to-server JWT or ...
    CVE-2021-26074
    PUBLISHED: 2021-04-16
    Broken Authentication in Atlassian Connect Spring Boot (ACSB) from version 1.1.0 before version 2.1.3: Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Spring Boot app occurs with a se...
    CVE-2018-19942
    PUBLISHED: 2021-04-16
    A cross-site scripting (XSS) vulnerability has been reported to affect earlier versions of File Station. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions: QTS 4.5.2.1566 build 20210202 (and later) QT...
    CVE-2021-27691
    PUBLISHED: 2021-04-16
    Command Injection in Tenda G0 routers with firmware versions v15.11.0.6(9039)_CN and v15.11.0.5(5876)_CN , and Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN allows remote attackers to execute arbitrary OS commands via a crafted action/setDebugCfg request...