FBI Head Of Cybersecurity In San Francisco Warns: Look To Inside Threats
The arrest of Wikileaks founder Julian Assange marks the first step toward trying one of the most prominent cyber crimes in American history and his charges to commit computer intrusion are more common theses days than one would think. With cyber threat actors making a living off of hacked information, it should come as no surprise that U.S. government intelligence agencies are shifting focus and resources to address the issue which includes $15 billion set aside from the President’s Budget for cyber security-related activities.
Symantec’s Internet Security Threat Report notes this especially true for large companies with enterprise ransomware up 12% in 2018. According to M.K. Palamore, San Francisco’s head of cybersecurity at the FBI, the agency alerts companies on a weekly basis of cyber threats. “We’re still the number one entity in notifying the private sector of being a victim of a breach,” Palamore addressing the audience Monday at the Forbes CIO Summit in Half Moon Bay, California.
Palamore’s Northern California jurisdiction stretches from Silicon Valley to Eureka, where the FBI has seen a high volume of cyberscurtiy threats and attacks that are either financially motivated criminal intrusions or national cyber intrusions. “We spend a lot of time diving into what a bad day looks like for your CSO and CIO,” said Palamore.
The agency discovers cyber activity through normal investigations, which the FBI says mostly comes from overseas threat actors targeting specific companies.“A cyber threat actor – even an advanced one – will take a phishing email access to your enterprise over a high-level intrusion or breach,” said Palamore. These actors are specifically targeting low hanging fruit with the goal to engage as many vulnerable targets as possible.
The former Marine and 22 year veteran of the FBI emphasized the importance of establishing a repertoire with enterprises before they have an intrusion. “I can’t tell you the number of times an enterprise reached out to us in an effort to triage an issue they’re dealing with and they’ve basically reached the end of their ability to solve the problem.”
He says building a relationship with the agency before trouble arises can lead to an useful exchange of information. “We have personnel within the company that has clearance who are able to offer classified briefings to that enterprise and let them know exactly how much information we might have.”
The most alarming part for enterprises or anyone with computer really? The FBI’s ability to keep up with cyber threat actors. “We can’t scale to the problem fast enough.”