San Francisco: Terrorists, crooks and nation states are ramping up cyber-assaults that are eating away at data, cash and security in the United States, the head of the FBI warned.
“The risks are right at our doorsteps and in some cases they are in the house,” Federal Bureau of Investigation chief Robert Mueller said in a Thursday speech at an RSA Conference of computer security professionals here.
“Working together we can find the people taking shots at us and stop those attacks.”
Mueller was the third high-ranking federal official in as many days to urge private industry cyber-warriors to join forces with the US government to battle spies, terrorists and crooks plaguing the Internet.
“As you well know, a cyber-attack could have the same impact as a well-placed bomb,” Mueller said.
“In the past 10 years, Al-Qaeda’s online presence has become as potent as its in-world presence.”
Al-Qaeda uses for the Internet range from recruiting members and inciting violence to posting ways to make bio-weapons and forming social-networks for aspiring terrorists, according to Mueller.
“The cyber-terrorism threat is real and rapidly expanding,” Mueller said.
“Terrorists have shown a clear interest in hacking skills and combining real attacks with cyber attacks.”
Threats are also rising from online espionage, with hackers out for source code, money, trade and government secrets, according to the FBI.
“Every major company in the US and Europe has been penetrated — it’s industrial warfare,” said Richard Clarke, who was a White House adviser under three prior US presidents.
“All the little cyber devices that the companies here sell have been unable to stop them. China and Russia are stealing petabytes of information.”
Clarke, now a partner at Good Harbor Consulting firm, was among the RSA panelists discussing cyber-warfare.
“Nation states have created cyber-warfare units. They are preparing the battlefield,” Clarke said.
“We have the governments of China and Russia engaging in daily activities successfully that the US government and private industry are not stopping and they are stealing anything worth stealing.”
Even seemingly innocuous information about companies is swiped for “spearphishing” attacks in which hackers dupe influential employees into downloading malicious computer codes into company networks.
“We are bleeding data… byte by byte and in some cases terabyte by terabyte,” Mueller said.
“We are playing cat and mouse and, unfortunately, the mouse seems to be one step ahead most of the time.”
Mueller urged computer security professionals to join in a united, international alliance with law enforcement agencies to battle enemies in cyberspace.
He credited such teamwork with resulting in the recent arrest of three men in Spain suspected of running a network of nearly 13 million computers secretly infected with malicious software and used for nefarious deeds.
Mueller called on victims of cyber-attacks to break the pattern of remaining silent out of fear that reporting crimes would hurt their positions in the marketplace.
“Maintaining the code of silence will not benefit you or your clients in the long run,” Mueller said. “We must continue to do everything we can together to minimize and stop these attacks.”
Mueller invited computer security savants to join the FBI, echoing a similar offer extended a day earlier by US Department of Homeland Security Secretary Janet Napolitano.
White House Internet security coordinator Howard Schmidt on Tuesday at RSA released a declassified version of a Comprehensive National Cybersecurity Initiative.
CNCI was crafted as the result of a directive signed by then-president George W. Bush in January 2008.