Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

1/29/2007
07:35 AM
50%
50%

FBI Faces Fresh Cyber Threats

Deputy director talks terrorists and teenagers, warning US firms of new cyber threats

NEW YORK -- From dirty bombs and high-tech spies to teenagers planning DOS attacks with Sony PlayStations, the F.B.I. has its hands full with a growing number of cyber-threats, according to David Thomas, deputy assistant director of the agency's science and technology branch.

The official, a keynoter at a conference here today, warned that the Internet is more important to U.S. national security than ever before. "We know that terrorists would like to create a dirty bomb," he said, explaining that his agency has to keep this know-how within the U.S. "Spying is changing -- whereas before people had to travel to the U.S., now they don't have to."

Senior officials, such as 9/11 Commissioner Jamie Gorelick and former presidential security adviser Richard Clarke, have already highlighted the cyber-threat posed by groups such as Al-Qaida, although this is just one of many issues on Thomas's desk. (See U.S.: Al Qaeda Eyeing Cyber Threats.)

A new breed of hackers, for example, is emerging in eastern Europe, posing a fresh challenge to corporate America. "They are using brokerage accounts to manipulate stocks now," warned Thomas. "If you have a brokerage account, you have to watch it like a hawk."

For some time now, eastern Europe has been the cyber-equivalent of the Wild West, with governments struggling to clamp down on hackers and organized crime. Even Thomas has been a victim. "I gave an interview for the Wall Street Journal last January on eastern European hacking groups and within four hours my accounts had been cleared out," he said.

The official explained that the next frontier in the battle against cyber-crime is further east. "Strategically, all my people are looking at China -- you have got a lot of people [there] that are tech-savvy," he said, explaining that, in a population of around 1.5 billion, even a tiny percentage of cyber-criminals could cause major problems for American firms.

Against this backdrop, businesses should start rethinking their storage and VOIP security strategies, according to Thomas. "Companies need to look at the way they store their data," the official told Byte and Switch, adding that CIOs can make a hacker's life more difficult by storing customer names, dates of birth, and social security numbers on separate servers.

U.S. firms also need to reappraise their perimeter security. "There's an over-reliance on firewalls -- [CIOs] think that they can do everything, but they can't," he said adding that firewalls and intrusion prevention systems (IPSs) often possess too many vulnerabilities of their own.

VOIP also presents big challenges, according to the official. "There was a case out of Newark [where] a guy had set up his own private network where he was stealing bandwidth from the private telephone companies," he explains.

The fraudster, apparently, was making $1.5 million a year simply by hacking into telecom firms' VOIP switches. This trend, warned Thomas, is on the rise. "We have seen a tremendous increase in hacking into public bridges," he explains, adding that hackers targeting VOIP switches can cost a telecom around $70,000 a month in lost revenues.

Then there is the ongoing threat posed by geeky, yet technically gifted, adolescents. To illustrate his point, Thomas related the story of an FBI raid on the home of 15-year-old American hacker, who was suspected of causing a major Denial of Service (DOS) attack in Cyprus.

Despite the feds confiscating all the kid's computers, he somehow used the Linux operating system on his Sony playstation to get back online and buy replacement gear. "That night, he wrote a DOS attack that knocked the FBI.gov Website off for three days," added Thomas, prompting laughter from the audience.

A number of vendors used today's LegalTech event to unveil new products and talk about their roadmaps. SAN specialist Xiotech, for example, announced plans to integrate its products with a new set of compliance-related services. (See Xiotech Intros Products, Services.)

These solutions, according to Mike Stoltz, the vendor's vice president of marketing, will be geared around initiatives such as the Federal Rules for Civil Procedure (FRCP), and will be available later this quarter. (See FRCP Tip Sheet.) The vendor, he added, has also got its eye on possible M&A in areas such as e-discovery and consulting. "You will see some announcements from us very shortly," he explained.

Elsewhere, Iron Mountain announced a partnership with e-discovery specialist Stratify and classification vendor Kazeon changed the user interface on its IS1200-ECS device, which its claims will make it easier for lawyers to use. (See Iron Mountain Forges Alliance and Kazeon Reduces Cost of E-Discovery.)

— James Rogers, Senior Editor Byte and Switch

  • Iron Mountain Inc. (NYSE: IRM)
  • Kazeon Inc.
  • Sony Corp. (NYSE: SNE)
  • Xiotech Corp.

     

    Recommended Reading:

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Oldest First  |  Newest First  |  Threaded View
    COVID-19: Latest Security News & Commentary
    Dark Reading Staff 8/3/2020
    'BootHole' Vulnerability Exposes Secure Boot Devices to Attack
    Kelly Sheridan, Staff Editor, Dark Reading,  7/29/2020
    Out-of-Date and Unsupported Cloud Workloads Continue as a Common Weakness
    Robert Lemos, Contributing Writer,  7/28/2020
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon Contest
    Current Issue
    Special Report: Computing's New Normal, a Dark Reading Perspective
    This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
    Flash Poll
    The Threat from the Internetand What Your Organization Can Do About It
    The Threat from the Internetand What Your Organization Can Do About It
    This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2020-16271
    PUBLISHED: 2020-08-03
    The SRP-6a implementation in Kee Vault KeePassRPC before 1.12.0 generates insufficiently random numbers, which allows remote attackers to read and modify data in the KeePass database via a WebSocket connection.
    CVE-2020-16272
    PUBLISHED: 2020-08-03
    The SRP-6a implementation in Kee Vault KeePassRPC before 1.12.0 is missing validation for a client-provided parameter, which allows remote attackers to read and modify data in the KeePass database via an A=0 WebSocket connection.
    CVE-2020-8574
    PUBLISHED: 2020-08-03
    Active IQ Unified Manager for Linux versions prior to 9.6 ship with the Java Management Extension Remote Method Invocation (JMX RMI) service enabled allowing unauthorized code execution to local users.
    CVE-2020-8575
    PUBLISHED: 2020-08-03
    Active IQ Unified Manager for VMware vSphere and Windows versions prior to 9.5 are susceptible to a vulnerability which allows administrative users to cause Denial of Service (DoS).
    CVE-2020-12739
    PUBLISHED: 2020-08-03
    A vulnerability in the Fanuc i Series CNC (0i-MD and 0i Mate-MD) could allow an unauthenticated, remote attacker to cause an affected CNC to become inaccessible to other devices. The vulnerability is due to improper design or implementation of the Ethernet communication modules of the CNC. An attack...