Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Thursday, May 23, 2013

Telling the FBI Your Company Has Been Hacked

As cyber attacks against U.S. companies move markets, drain tens of millions dollars from bank accounts, siphon off trade secrets, and threaten critical infrastructure, the mantra among government officials is: sharing (information) is caring. The government’s desire to increase information sharing on cyber intrusions with the private sector is at the heart of an executive order issued in February—and it was a point underscored at a New York City Bar Association event on Monday, when Mary Galligan, who is an FBI “cyber cop,” urged corporations to come forward with information about attacks on their networks.

For this, we turn to Galligan’s afternoon panel on cyber crime, where she was accompanied by attorneys in private practice, a law professor, the head of a computer forensics firm, and the chief of the Manhattan District Attorney’s investigations division.

First, as Ed Stroz, of the investigative firm Stroz Friedberg, explained, it’s important to recognize that you could be attacked by different categories of attackers, including state-sponsored actors, organized criminal groups, individual hackers or “hacktivists,” and company insiders. “What happens with the FBI is right now, approximately 60 percent of the time, we are going out and telling a company that they have been intruded upon,” says Galligan. Well, either they’re getting the information from another FBI investigation, “or we’re getting it from our partners in the government,” Galligan says, which includes all 16 of the U.S. intelligence agencies.

Whether you call them or they call you, Galligan and her FBI team are going to hope your company has already contemplated the possibility of a cyber attack, that you have a response plan, and that your general counsel is involved in it.

“Because we say over and over—and I have seen it over and over—that unless the general counsels and/or your outside counsel are involved in these issues from the beginning, are part of your plan, it becomes very, very difficult for the government to help you,” Galligan says,

The bureau also pointed out to the banks that a DDoS can serve as an opportunity for criminal actors to “come in and commit crime in your system.”

“It’s a discussion where we say, ‘We recognize you need to make a business decision,” she says, “and that business decision is going to be a very complicated one.’

“You have to really figure out what exactly you’re going to be willing to do,” says DeVore & DeMarco partner Joseph DeMarco, who specialized in cyber crime as an assistant U.S.



Posted on 05/23