WASHINGTON, D.C. -- Cyberattacks are starting to eclipse terrorism as a threat to the country, say top officials from the Federal Bureau of Investigation, speaking before an audience of security professionals here at the GovSec Conference today.
"You'll see a greater prevalence of cyber-related offenses, including cyber-terrorism," predicted Ralph Boelter, assistant director of the counterterrorism division at the FBI. There's has not yet been a major cyber-terrorism attack in this country, he said, adding, "But that's not to say we're not preparing for it."
WEIRD SECURITY: What government spies, law enforcement or the military might buy
Boelter said his division is working more closely these days with the FBI's cyber division. Gordon Snow, assistant director of the FBI's cyber division, who also spoke at the GovSec Conference, said intrusions into computer systems can come from foreign-intelligence services, terrorists and other kinds of "bad actors," such as hactivists. The FBI fully expects to see more targeting of smartphones and tablets, he noted.
While the FBI has seen a string of accomplishments in the past few years in bringing perpetrators of attacks to justice, often with the help of its counterparts in law enforcement abroad, Snow said much more needs to be done.
Although large botnets allow for automated denial-of-service attacks, for example, in this kind of cybercrime "there's someone behind a keyboard tapping away at the keys," he noted. The focus needs to be on apprehending that person behind the technologies they use, he said.
When asked about Chinese cyber-espionage or how well the FBI worked today with its law-enforcement counterparts in China, Snow acknowledged things could be better. "We're cooperating with the Chinese in many aspects of law enforcement," said Snow, noting one area was in the intellectual property realm. "We hope that will improve in the cyber realm."
When asked about cloud computing and security, Snow expressed reservations. While cloud computing offers a lot in terms of agile computing and cost effectiveness, he said, as an outsourcing arrangement around data, it brings risks. "The cloud provider may have no security at all," he said, adding he hopes the industry for cloud computing "tips in the direction of strong security."
Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security.