14 DAY TRIAL // In his speech at the RSA Conference in San Francisco, FBI Director James B. Comey has highlighted that federal government agencies such as the Department of Defense, the Department of Homeland Security and the Secret Service are making cyber security a top priority.
“Within the FBI, we are targeting high-level intrusions—the biggest and most dangerous botnets, state-sponsored hackers, and global cyber syndicates. We want to predict and prevent attacks rather than reacting after the fact,” Comey said in his speech.
Comey has highlighted that cyber security has even topped the list of global threats named by Director of National Intelligence Jim Clapper, surpassing the threat of terrorism, espionage and even weapons of mass destruction.
The director says the FBI and other law enforcement agencies are doing the best they can to fight cyber threats. However, he believes what they’re doing isn’t enough, the key to success being an efficient collaboration with the private sector.
“Imagine a day where intelligence from combined sources—the government, anti-virus companies, ISPs, the financial services sector, and communications companies—is shared instantaneously, machine-to-machine, pursuant to law and with strong privacy protections in place,” he said.
“What if we were able to stop much of the malware as it transited the networks? It is no longer good enough to identify malware as it attacks your system.”
The FBI currently has a system called Binary Analysis Characterization and Storage System (BACSS), a malware repository and analysis tool that provides investigative information in near real time. The agency plans on rolling out an unclassified version of BACSS that partners can also use.
Comey says the goal is to make BACSS the nation’s repository for malware and viruses, similar to what the FBI currently has for DNA, fingerprints and criminal arrest records. To help the agency achieve this goal, the director urges companies whose systems have been hacked to send the malware used in the attack to the FBI.
A recent request for quote published on the Federal Business Opportunities website shows that the FBI is looking for a malware supplier, someone that could provide as much as 35Gb of malware per day.
Comey also points to iGuardian, a system that law enforcement and the private sector can use to share both classified and unclassified information.
“This is the model we are striving for—using intelligence gathered from our own authorities and our own partners to stop a threat before it becomes a problem. This is the only true incentive we need—to prevent as many attacks as possible,” he said.