An announcement from the FBI caught my eye. The agency doesn’t just want to stop cyber crime; it wants to find the hackers responsible.
According to the FBI’s blog:
The FBI over the past year has put in place an initiative to uncover and investigate web-based intrusion attacks and develop a cadre of specially trained computer scientists able to extract hackers’ digital signatures from mountains of malicious code. Agents are cultivating cyber-oriented relationships with the technical leads at financial, business, transportation, and other critical infrastructures on their beats.
What the FBI has now added is a 24/7 command center where this information is being decoded for similarities and patterns constantly, and then shared with law enforcement and other government agencies. This is definitely a step in the right direction for the agency. As the Kaspersky Lab Threat Post blog pointed out:
One of the main criticisms leveled at the bureau in the last few years in regard to cybercrime investigations is its relative lack of specially trained investigators who have the skills and experience to conduct major computer-crime investigations. The FBI has been hiring cybercrime specialists as quickly as possible in recent years, but there is a shortage of trained people willing to take government jobs when they can make more money in the private sector.
This might be the best news about cybersecurity to come out of Washington this year. At least, it is the most proactive thing being done.
FBI Assistant Director of Criminal, Cyber, Response and Services Richard McFeely said in a statement quoted by InformationWeek that the FBI’s goal is to find out who is responsible for cyber attacks and what the motives are. He went on to say:
In order to get to that, we've got to do all the necessary analysis to determine who is at the other end of the keyboard perpetrating these actions.
I’m a firm believer in finding out why an attack happened, as well as how it happened. The “why” question always involves the “who” question, as in, who did it. While only time will tell whether or not the FBI’s efforts will get to the heart of cyber attacks, it is a step in the right direction. Hopefully Congress will soon follow the FBI’s lead.