The Boston Conference on Cyber Security by Boston College

The Boston Conference on Cyber Security March 8, 2017

Organized by: Boston College's MS in Cybersecurity Policy & Governance Program; The Federal Bureau of Investigation

A Compilation of News Coverage Office of University Communications

BOSTON COLLEGE Woods College of Advancing Studies

In the News: The Boston Conference on Cyber Security This compilation of news clips shows the breadth and depth of local, national and international media coverage of the inaugural Boston Conference on Cyber Security, held in Gasson Hall on March 8, 2017, and organized by Boston College’s MS in Cybersecurity Policy & Governance Program and the Federal Bureau of Investigation. The keynote address by FBI Director James B. Comey attracted more than 50 journalists from 35 local, national and international media outlets. To date, coverage of the director’s speech and the conference has appeared in more than 100 print, broadcast, and electronic media outlets around the world. The story was covered by the print and broadcast journalists of the leading global wire services Associated Press, Reuters and Bloomberg; the New York Times, Wall Street Journal, Boston Globe, and Politico; the networks ABC News, CNN, C-‐‑SPAN, CBS News, FOX News, and NBC News; and industry publications CIO, CSO Online and ThreatPost.com, who sent correspondents to the conference. The coverage was the result of close coordination between the conference organizers in the Woods College of Advancing Studies, the FBI’s Boston Division and the Office of University Communications, which took the lead in outreach, logistics and event services for media in attendance. This compilation reflects worldwide attention the conference focused on the Woods College, the Cybersecurity Policy & Governance Program and the pressing issue of cyber security. It is fitting recognition of the leadership of Dean James P. Burns, I.V.D., and the Woods College’s commitment to academic excellence, program innovation and service to our global society. Jack Dunn Ed Hayward Associate Vice President Associate Director Office of University Communications Office of University Communications March 16, 2017

March 8, 2017

FBI Director Comey at Cyber Conference: 'You're Stuck With Me' BOSTON â&#x20AC;&#x201D; FBI Director James Comey said he has no plans to step down anytime soon in a speech on Wednesday, days after he reportedly pushed back against President Donald Trump's allegations that the Obama administration had tapped phones at Trump Tower. "Youâ&#x20AC;&#x2122;re stuck with me for another 6-1/2 years," Comey said at a Boston College cyber security conference, indicating he expects to serve the remainder of his 10-year term. Comey did not speak with reporters during public appearances in Boston on Tuesday and Wednesday, ignoring questions about the wiretapping accusation that Trump made on Saturday without offering any evidence to support it. Comey, who was appointed FBI director by Barack Obama in 2013, had urged Justice Department officials to refute Trump's claims because it falsely insinuated the Federal Bureau of Investigation broke the law, U.S. officials have said. The department has not acted on his request. The White House said on Monday that Trump still has confidence in Comey despite his assertiveness in challenging Trump's claim. Comey also reiterated a plea for technology companies to enable authorities to access encrypted data on mobile devices and in messaging apps. He said strong encryption had become more popular in recent years, particularly after former intelligence contractor Edward Snowden's revelations about U.S. spying programs. The use of the technology for scrambling data has made it increasingly difficult for law enforcement to investigate crimes, even when authorities have court orders giving them permission to access data, he said. As evidence, he said that FBI technicians were unable to access data in about 1,200 of some 2,800 devices that state and local agency asked the bureau to help open from October to December, hampering progress in criminal investigations. https://www.nytimes.com/reuters/2017/03/08/us/politics/08reuters-usa-cyber-comey.html?_r=1

March 8, 2017

Comey Says He Has No Plans to Leave FBI FBI director, who has been the target of ire from the political left and right, said he would finish out his term BOSTON—Federal Bureau of Investigation Director James Comey made it clear Wednesday: He doesn’t plan to go anywhere. Mr. Comey, who has been the target of ire from both the political left and right, said in a speech that he would finish out his term. “You’re stuck with me for another 6 1/2 years,” he said, delivering the keynote address at the Boston Conference on Cyber Security, a daylong event at Boston College. Mr. Comey, a onetime U.S. attorney, was appointed to a 10-year term as FBI director by former President Barack Obama. Mr. Comey didn’t broach the controversies dominating the news, including President Donald Trump’s unsubstantiated claims that he was wiretapped by Mr. Obama, Tuesday’s WikiLeaks dump of what it says are thousands of Central Intelligence Agency documents, or alleged interference by Russia in the 2016 presidential election. But speaking to an audience of about 180 that included many in the business community, Mr. Comey talked broadly about how the FBI is trying to stay ahead of cyber threats. He also returned to an issue he has spoken at length about in the past few years but has avoided recently amid political controversies: the FBI’s growing inability to get into encrypted phones and other devices. The tension came to a head in a major legal battle between the FBI and Apple Inc. last year after the company refused to help investigators open an iPhone phone seized from the 2015 San Bernardino, Calif., terrorism attack. But the FBI ultimately was able to get into the phone with a hacking tool, leaving unresolved a broader debate over how to balance data encryption and privacy needs with security and law enforcement concerns. In his remarks, Mr. Comey called for a return to that debate. “The advent of default, ubiquitous, strong encryption is making more and more of the room in which the FBI investigates dark,” Mr. Comey said, adding that such encryption was increasingly limiting not just cybercrime investigations but also drug, robbery and other routine cases. From October through December, the FBI lawfully obtained 2,800 devices across investigations, the director said, but couldn’t open 1,200 of them using any available techniques.

“If we are going to move to a place where wide swaths of American life are outside of judicial reach, that’s something we have to talk about,” he said. “It’s not something, in my view, we should drift to.” Technology companies and privacy groups argue that strong encryption is necessary to protect users’ information, and that providing a technological “key” or “backdoor” for law enforcement would simply make the information more vulnerable to hackers of all kinds. Mr. Comey said he didn’t view the technology industry’s priorities as inherently at odds with law enforcement needs, but said California-based Apple may see the world as “not dark enough because where they live it’s sunny all the time.” “It’s not the FBI versus Apple,” he said. “We need to stop bumper-stickering each other. We need to stop tweeting at each other.” An Apple representative couldn’t immediately be reached for comment. Mr. Comey also spoke about the increasing use of encryption since disclosures by former U.S. intelligence contractor Edward Snowden. The U.S. charged Mr. Snowden with allegedly leaking details of highly classified government surveillance programs. The WikiLeaks disclosure this week of thousands of internal CIA documents and files describing technology the agency has to spy on people is likely to refocus attention on the balance between secrecy, privacy and security. Mr. Comey has been in the spotlight in recent months, with some Democrats saying his public comments on the investigation of candidate Hillary Clinton’s email arrangement hurt her campaign. Currently, the FBI is probing Russian attempts to influence the 2016 presidential election campaign. Earlier this week, the FBI asked the Justice Department to publicly rebut President Trump’s unsubstantiated accusation that he was wiretapped by his predecessor. On Wednesday, Sens. Lindsey Graham (R., S.C.) and Sheldon Whitehouse (D., R.I.) asked Mr. Comey, as well as the Justice Department, to provide copies of any warrant applications and court orders on the possible wiretapping, for which Mr. Trump has provided no evidence. But Mr. Comey’s delivered his talk Wednesday to a friendly crowd that didn’t ask about the controversies during a question-and-answer session. The FBI director also talked about some of the strategies cyber criminals are deploying, including “ransomware” attacks aimed at hospitals, which may find their data inaccessible until they pay a ransom. “It’s disastrous to pay the ransom, because when you pay the ransom, the plague” is only going to spread, he said. https://www.wsj.com/articles/comey-says-he-has-no-plans-to-leave-fbi-1489007349

March 8, 2017

FBI Director James Comey: 'There Is No Such Thing as Absolute Privacy in America' FBI Director James Comey warned Americans that true privacy isn't really possible anymore in a speech Wednesday. "There's no such thing as absolute privacy in America," Comey said at a Boston College cybersecurity conference, Politico reported. "There is no place in America outside of judicial reach." He also said at the conference: "Even our memories arenâ&#x20AC;&#x2122;t private. Any of us can be compelled to say what we saw." Comey did note that he was a fan of privacy. According to Politico, Comey cited his Instagram account shared with only close friends and family, saying that he didn't want just anybody seeing his photos.Comey's comments came just a day after Wikileaks released files allegedly from the FBI's sister organization, the Central Intelligence Agency. Those papers appeared to show that the CIA had tools to compromise popular consumer technology including Apple iPhones and Android-powered devices. http://time.com/4696091/fbi-james-comey-privacy-speech/

March 8, 2017

FBI Director James Comey claims 'there is no such thing as absolute privacy in America' FBI Director James Comey slammed tech companies for their increasingly airtight encryption methods, suggesting that such tools are preventing the FBI from being able to conduct its lawful investigations. "The advent of default ubiquitous strong encryption is making more and more of the room in which the FBI investigates dark," Comey told a cybersecurity conference at Boston College, as reported by BuzzFeed News. Comey explained that the FBI has received 2,800 devices since the beginning of 2016 that it has the lawful authority to search, but that it has not been able to open 1,200 of those devices. Comey suggested that the strong encryption breaks the "bargain" the American people have made but he "disputed claims that he is advocating for weaker encryption or so called encryption backdoors into our phones," BuzzFeed News writes. Still, "there is no such thing as absolute privacy in America," Comey said. "That's the bargain. And we made that bargain over two centuries ago to achieve two goals. To achieve the very, very important goal of privacy and to achieve the important goal of security. Widespread default encryption changes that bargain. In my view it shatters the bargain." http://theweek.com/speedreads/684824/fbi-director-james-comey-claims-there-no-such-thingabsolute-privacy-america

March 8, 2017

'You're Stuck With Me,' FBI Director Says, Citing No Plans To Leave Job

The FBI director has no plans to leave the post before the end of his 10-year term. "You're stuck with me for about 6 1/2 years," James Comey said at a cyber conference in Boston on Wednesday, urging conference organizers to invite him to speak again. In recent days, NPR and other news outlets have reported Comey pressed the Justice Department without success to issue a public denial of President Trump's tweet that the FBI and President Barack Obama wiretapped his phones at Trump Tower.

White House press secretary Sean Spicer said this week that Trump still has confidence in Comey's ability to lead the FBI. Comey, who served as deputy U.S. attorney general under President George W. Bush and who was named FBI director by Obama, has demonstrated a nearly unique ability to draw critics from both ends of the political spectrum. Hillary Clinton has blamed his decision to send a letter about her email scandal to Congress 11 days before the 2016 presidential election as one key reason for her loss at the polls. Clinton aides have held the grudge. Early Wednesday, Clinton Communications Director Jennifer Palmieri called him a "particularly infuriating character" and accused him of "protecting his own reputation" instead of following the rules. Democratic and Republican veterans of the Justice Department blasted Comey for overriding long-standing norms about not taking any law enforcement action that could tip the scales before an election. For his part, Trump has alternately praised and derided the FBI and its director. Early in his tenure, Trump greeted Comey with a handshake and partial hug, proclaiming the law enforcement officer had "become more famous than me." Just weeks later, Trump tweeted his frustration with the FBI for a series of national security leaks. "The FBI is totally unable to stop the national security 'leakers' that have permeated our government for a long time," Trump tweeted. "They can't even...... find the leakers within the FBI itself. Classified information is being given to media that could have a devastating effect on U.S." http://www.npr.org/2017/03/08/519235979/youre-stuck-with-me-fbi-director-says-citing-no-plans-to-leavejob

March 8, 2017 ‘You’re stuck with me,’ FBI Director James Comey says FBI Director James Comey, speaking at Boston College Wednesday morning, said widespread digital encryption of devices and apps has made the FBI’s work more difficult. “In October, November, and December, the FBI received to our examiners 2,800 devices for which we had lawful authority to open,” he said. “Twelve-hundred of those devices, so about 43 percent, we could not open with any technique.” Speaking at BC’s cybersecurity conference, Comey said encryption used to be utilized by “the sophisticated actor.” Now, he said, it is used by drug dealers and other lower-end criminals. Comey said he was not calling for weaker encryption, and that “strong encryption is a great thing” for cyber security efforts. But should Americans have an expectation of total privacy through encryption? That still needs to be answered, he said. The FBI director also suggested that he intends to fulfill his ten-year term at the head of the agency: “You’re stuck with me for about another six and a half years,” he said. The speech came against a fraught political backdrop that has featured various high-profile cyber security issues in recent days. On Tuesday, WikiLeaks, the international platform that publishes classified government documents, released information, apparently from the Central Intelligence Agency, showing how the spy agency can hack into Internet-connected consumer electronics like smartphones and televisions. The remarks also came four days after President Trump tweeted that his predecessor, Barack Obama, had wiretapped Trump Tower during the presidential campaign. It remains unclear what the president was referring to or what evidence backs up his claim, and according to media reports, Comey unsuccessfully asked the Department of Justice over the weekend to deny the accusation. Comey, appointed in 2013, repeated calls he has previously made encouraging Americans to have a robust debate over encryption.

Last year, the FBI and Apple feuded over whether the company should have helped the agency break into the cell phone of one of the San Bernadino terrorists. Apple resisted a court order, arguing it could lead to future privacy violations. The issue was dropped after the FBI found a way to break into the phone. Comey noted that he did not see Apple as “evil” in its approach to the issue. “We need to stop bumper-stickering people, we need to stop tweeting at each other. We need to find the space to have a really hard conversation about how we want to be,” Comey said. “We need an understanding that everyone is approaching this debate with an open mind and a genuine respect for the rule of law and for privacy and public safety.” Comey also highlighted a distinction between traditional cyber espionage and corporate theft. “Nation states engage in intelligence gathering. They always have, they always will,” Comey said. “What nation states do not do and cannot do is steal stuff to make money. To steal innovation, to steal formulas ... That is criminal behavior. That is very different from the actions of a nation state engaged in espionage.” In his remarks, which lasted about 45 minutes, Comey urged companies to be in close touch with the FBI about cyber threats. He also outlined the agency’s strategy for dealing with the threat, which includes focusing on recruiting tech talent and fostering internal competition to improve the agency’s tactics. During the campaign, Comey investigated the private e-mail server used by Democratic candidate Hillary Clinton while she served as secretary of state, a practice that was criticized for putting classified information at risk. Ultimately, he did not recommend criminal charges against Clinton, angering conservatives, but his announcement that he was reopening the investigation — two weeks before the election — caused an uproar on the political left. Meanwhile, e-mails from the Clinton campaign and the Democratic National Committee were made public during the election. US intelligence officials have attributed the email releases to hacking initiatives directed by the Russian government, fueling calls for investigations into the Trump campaign’s relationship with Russia. Comey did not speak about these developments in his speech or in a brief question-and-answer session with conference attendees following his remarks. Nor did he speak with reporters. In the speech, he did classify nations, as opposed to hacking syndicates and activist groups, as the top cyber threats, naming Russia as one such country. “I’m very slippery,” he said. “I’ll avoid talking about things I don’t want to talk about.” Prior to Comey’s speech, Harold Shaw, the special agent in charge for the FBI’s Boston division, said the region is “a target-rich environment” for cyber criminals, because of the defense contractors, colleges, and tech companies it hosts. https://www.bostonglobe.com/business/2017/03/08/comey-you-stuckwith/wSdywnbKBba1QPLxgTsdiL/story.html

March 9, 2017 James Comey warns of ‘evil’ cyber threats FBI Director James B. Comey vowed to finish his term and identified Russia as one of the top cybersecurity threats facing the United States while avoiding any mention of election hacking during his first extended remarks since President Trump claimed former President Barack Obama wiretapped his phones. “You’re stuck with me for another 6  1⁄2 years,” Comey, who is in the midst of a 10-year term, told those gathered yesterday at Boston College’s first annual cybersecurity conference. As he launched into his speech, Comey jokingly warned a crowd of public officials and private companies that he’d “avoid talking about things I don’t want to talk about.” Throughout his address, Comey described an “evil layer cake” of cyber threats, topped by countries such as Russia and China. At the bottom, he said, are terrorists who, while having mastered the internet as a recruitment tool, have not yet “turned to using the internet as a tool of destruction.” But as noteworthy during the discussion were the topics that did not surface. While he flagged Russia as a threat, Comey didn’t delve into the country’s specific capabilities, tactics or recent actions. Nor did he address the alleged Russian hacking during the election, WikiLeaks’ recent dump of CIA documents, or Trump’s tweets that Obama tapped Trump Tower during the election season. Trump has not provided any evidence to back up his allegations. Comey, according to reports, has pushed back internally. An official told The Associated Press that the FBI has asked the Justice Department to dispute Trump’s allegations, and The New York Times has reported that Comey says the claim should be corrected by the Department of Justice because it wrongly insinuates that the FBI broke the law. The president’s spokesman Sean Spicer has said Trump has not spoken to Comey since his accusations. Speaking a day after WikiLeaks revealed the vulnerability of smart TVs and other consumer devices to CIA hacking, Comey used his address to outline the strategies the FBI is using to beat back cyberattacks, while imploring the private sector to work and cooperate with the feds to better shield themselves from, and help the FBI investigate, intrusions. “We have to get better at working with the private sector,” Comey said. “You in the private sector are the primary targets.” http://www.bostonherald.com/news/local_coverage/2017/03/james_comey_warns_of_evil_cyber_threats

March 8, 2017

FBI's Comey: 'You're stuck with me for another 6 1/2 years' BOSTON (AP) — FBI Director James Comey said Wednesday he plans to serve his entire 10-year term, even as controversy swirls over his attempt to rebut President Donald Trump's claim that the Obama administration tapped his phones during the election. "You're stuck with me for another 6½ years," Comey said during a cybersecurity conference at Boston College. Comey was appointed 3½ years ago by then-President Barack Obama. Controversy erupted last weekend after Trump tweeted that Obama had tapped his phones at Trump Tower during the election. Trump offered no evidence of his claim. Comey asked the Justice Department to publicly reject the allegation as false. Comey did not reference the wiretapping controversy during his speech to law enforcement officials and private-sector business leaders. He said the FBI is renewing a focus on the challenges posed by encryption. He said there should be a balance between privacy and the FBI's ability to lawfully access information. He also said the FBI needs to recruit talented computer personnel who might otherwise go to work for Apple or Google. "The cyberthreats we face are enormous. I don't know if we can stay ahead of them. And I think to say otherwise would be hubris," Comey said. "We need to ensure that cybersecurity is a priority for every enterprise in the United States at all levels. We need to get better and faster at sharing information in the appropriate ways. We need to make sure we have the right people on board to help fight that threat, and we need to build trust between the government and the private sector," he said. http://bigstory.ap.org/article/46be2a4a4b5645059350fbb4646f9911/fbis-comey-youre-stuck-me-another-6-12-years

March 8, 2017 FBI’s Comey Says ‘You’re Stuck With Me’ for Another Six Years FBI Director James Comey signaled he has no plans to resign despite once again being at the center of a political storm -- this time over probes into Russian hacking of the 2016 election and his request that Justice Department officials reject President Donald Trump’s claims that his predecessor “tapped” his phones. "You’re stuck with me for about another six and a half years," Comey said Wednesday at a cybersecurity conference in Boston, referring to the time remaining in his 10-year appointment to the post. Trump claimed -- without offering evidence -- in tweets on Saturday that former President Barack Obama had wiretapped his phones at Trump Tower in New York during the campaign, a charge refuted by Obama aides and former Director of National Intelligence James Clapper. Comey wanted the Justice Department to publicly rebut the claim, according to a U.S. official who requested anonymity in order to discuss sensitive issues, but the department so far has remained silent. Comey didn’t address the controversy during his speech, which was focused on cybersecurity threats, or in response to questions from the audience afterward. But he said hacking attacks are moving beyond just stealing money and data to affect the U.S. economy and security. "They’re increasingly attacks on our fundamental rights -- the rights guaranteed to us as free people especially here in this great country," Comey said at the conference hosted by the FBI and Boston College. Comey, 56, called on companies to report hacking attacks to the FBI and develop relationships with the bureau before attacks happen. "The majority of intrusions in this country are not reported to us," he said. ‘It’s a Crime’ Companies shouldn’t retaliate by trying to hack back against their attackers, Comey said. "Don’t do it; it’s a crime," Comey said. "It’s not only against the law but it runs the risk of tremendous confusion in a crowded space." Comey also complained about the increasing ease with which smartphones and other devices encrypt the contents of their data. From October to December 2016, about 1,200 of 2,800 devices seized by law enforcement couldn’t be accessed by FBI personnel due to encryption, Comey said. “The advent of default, ubiquitous strong encryption is making more and more of the room in which the FBI investigates dark," he said. Comey’s speech in Boston came just a day after WikiLeaks released documents and files alleging that CIA hackers have developed tools letting them break into devices to monitor conversations and messages before they can be encrypted.

Comey didn’t comment on the disclosure. But he said using hacking tools to break into phones isn’t always efficient or dependable. "While having other technical tools can be useful, it’s incredibly expensive and it doesn’t scale," he said. "It can’t be used broadly because it’s perishable." Tensions With Trump While Trump publicly praised Comey days after his inauguration, saying “he’s become more famous than me,” the president has also lashed out at the FBI over “leakers” he says are undermining his administration. He’s also criticized findings by the intelligence community, including the FBI, that Russia interfered in last year’s election. That tension with his superiors is a recurring theme for Comey, going back to his time as deputy attorney general under President George W. Bush, when his role in opposing a classified warrantless eavesdropping program put him into direct conflict with top White House officials. Last year Comey infuriated the technology industry and privacy advocates when he tried to force Apple Inc. to hack into an iPhone used by a dead terrorist, while his public statements about a probe into emails sent by Hillary Clinton and her aides fueled Democratic accusations that he cost the former secretary of state the presidency. But regardless of who he antagonizes, it’s hard for any president to get rid of an FBI director. Former Director William Sessions, who was ousted by President Bill Clinton and Attorney General Janet Reno in 1993, is the only one forced from office in the bureau’s history. https://www.bloomberg.com/politics/articles/2017-03-08/fbi-s-comey-says-you-re-stuck-with-me-for-anothersix-years

March 8, 2017 FBI Director Comey at cyber conference: 'You're stuck with me' FBI Director James Comey said he has no plans to step down anytime soon in a speech on Wednesday, days after he reportedly pushed back against President Donald Trump's allegations that the Obama administration had tapped phones at Trump Tower. "Youâ&#x20AC;&#x2122;re stuck with me for another 6-1/2 years," Comey said at a Boston College cyber security conference, indicating he expects to serve the remainder of his 10-year term. Comey did not speak with reporters during public appearances in Boston on Tuesday and Wednesday, ignoring questions about the wiretapping accusation that Trump made on Saturday without offering any evidence to support it. Comey, who was appointed FBI director by Barack Obama in 2013, had urged Justice Department officials to refute Trump's claims because it falsely insinuated the Federal Bureau of Investigation broke the law, U.S. officials have said. The department has not acted on his request. The White House said on Monday that Trump still has confidence in Comey despite his assertiveness in challenging Trump's claim. Comey also reiterated a plea for technology companies to enable authorities to access encrypted data on mobile devices and in messaging apps. He said strong encryption had become more popular in recent years, particularly after former intelligence contractor Edward Snowden's revelations about U.S. spying programs. The use of the technology for scrambling data has made it increasingly difficult for law enforcement to investigate crimes, even when authorities have court orders giving them permission to access data, he said. As evidence, he said that FBI technicians were unable to access data in about 1,200 of some 2,800 devices that state and local agency asked the bureau to help open from October to December, hampering progress in criminal investigations. http://www.reuters.com/article/us-usa-cyber-comey-idUSKBN16F23N

Comey: 'You're stuck with me' By LAUREN DEZENSKI CHESTNUT HILL, Mass. — James Comey said Wednesday at a Boston College conference on cybersecurity that he plans to serve his entire 10-year term as FBI director. “You’re stuck with me for another 6 ½ years,” Comey told attendees from the law enforcement and private sectors. Comey’s tenure as director began in 2013 when he was appointed by then-President Barack Obama. Comey, who delivered the keynote speech at the two-day conference on how the FBI is dealing with cybersecurity threats, did not address swirling questions around the bureau and claims by President Donald Trump that Obama ordered a wiretap of then-candidate Trump. Instead, his remarks covered privacy policy issues. “All of us have a reasonable expectation of privacy in our homes, in our cars, and in our devices. But it also means with good reason, in court, government through law enforcement can invade our private spaces,” Comey said. “Even our memories aren’t private. Any of us can be compelled to say what we saw. … In appropriate circumstances, a judge can compel any of us to testify in court on those private communications.” “There is no such thing as absolute privacy in America,” Comey said, because “there is no place in America outside of judicial reach.” Comey added that he himself is a fan of privacy, especially with his Instagram account, which he said has nine followers and is limited to members of his family, and maybe a serious boyfriend of one of his daughters. “I don’t want anyone looking at my pictures,” he said. Comey did not mention Trump, though he did say that the Obama administration offered “clarity” for those “inside the government on who has what responsibilities,” including the FBI’s responsibility, which was “threat response.” The FBI director declined to answer any questions from reporters packed in the back of the event hall, though he did take four questions from attendees that included high-profile members of the defense, health care and law enforcement sectors. The questions concerned advice for businesses in tackling cybersecurity threats. Before diving into his 45 minutes of remarks, Comey made clear that he would not take questions from the media or about issues he didn’t want to talk about. “I’m very slippery,” he added.

http://www.politico.com/story/2017/03/james-‐comey-‐to-‐serve-‐full-‐term-‐235818

March 9, 2017

FBI’s Comey Says Americans Should Not Expect ‘Absolute Privacy’ FBI Director James Comey has put to rest any hope of achieving privacy in the United States. Speaking at a cybersecurity conference at Boston College on Wednesday, Comey said that "there is no such thing as absolute privacy in America." He added that everything Americans engage in, including conversations with members of the clergy and their attorneys, live within "judicial reach." "In appropriate circumstances, a judge can compel any one of us to testify in court about those very private communications," Comey said, according to CNN, which obtained a video of his remarks. Get Data Sheet, Fortune’s technology newsletter Comey's comments come amid growing concern over privacy in light of a WikiLeaks announcement this week, which revealed how the CIA circumvents security features in popular devices—including smartphones and smart TVs—to obtain information on individuals around the world. The WikiLeaks data even suggests that the CIA has the ability to monitor communications over chatting programs that allow for encrypted communications, like WhatsApp (FB, +0.46%) and Signal. The leak was the latest in a string of revelations made public in recent years about the ways the U.S. government apparently collects information on both Americans and people living around the world. Arguably the most impactful of those leaks came from NSA contractor Edward Snowden, who in 2013, detailed how the NSA has secretly collected information about ordinary Americans. While Comey's comments might not quell concerns over privacy, he did try to assuage fears by saying Americans should "have a reasonable expectation of privacy in our homes, in our cars, in our devices." He added that the government cannot peer into a person's life "without good reason." Comey, who himself has come under fire following his decision last year to reopen an investigation into former Secretary of State Hillary Clinton's email in the waning hours of the 2016 presidential election, said that the FBI values privacy and security. He also said that he plans to remain on as FBI director and carry out the six-and-a-half years left on his 10-year term. "You're stuck with me," he told the conference's attendees. http://fortune.com/2017/03/09/fbi-james-comey-privacy/

March 9, 2017 FBI’s Comey: No Absolute Privacy in U.S.

The FBI director also says he has no intention of stepping down anytime soon

FBI Director James Comey charged on Wednesday that there is no longer "absolute privacy" in the United States -- the government could one day request and access the details of just about any conversation. "Even our memories aren't private," Comey told a panel in Boston. "Any of us can be compelled to say what we saw. In appropriate circumstances, a judge can compel any of us to testify in court on those private communications. There is no place in America outside of judicial reach." Comey continued, "There is no such thing as absolute privacy in America." He elaborated that he believes this includes speech which has generally been seen as constitutionally protected.

"Even our communications with our spouses, with our clergy members, with our attorneys are not absolutely private in America," he said. "In appropriate circumstances, a judge can compel any one of us to testify in court about those very private communications." Comey's comments come after a tumultuous past year in American life, one replete with presidential allegations of wiretapping and the publishing of communications from top Democratic Party officials that some say tipped the election to Donald Trump. On Monday, Former senior National Security Advisor Bill Binney charged that new technology has allowed the government to access and archive just about any conversation, including ones featuring the president, consistent with explosive allegations raised by NSA whistleblower Edward Snowden in 2013. But Comey defended some measure of privacy. Americans "have a reasonable expectation of privacy in our homes, in our cars, in our devices," he said. "It is a vital part of being an American. The government cannot invade our privacy without good reason, reviewable in court… We all value privacy. We all value security. We should never have to sacrifice one for the other… Our founders struck a bargain that is at the center of this amazing country of ours and has been for over two centuries," the director explained. Comey's role in the election was controversial, with some alleging that his handling of the investigation of Hillary Clinton cost the Democrats victory in November. Despite all the rancor surrounding him, Comey told the Boston audience he's not going anywhere. "You're stuck with me for another 6 ½ years," Comey said. FBI directors traditionally serve 10 years. Comey, a Republican, was appointed by former President Barack Obama, a Democrat, in 2013. https://wwwusnews.com/news/national-news/articles/2017-03-09/james-comey-says-there-is-no-longer-absolute-privacy-in-the-united-states

March 9, 2017

Comey warns there is no longer 'absolute privacy' in US FBI Director James Comey said Wednesday that Americans should no longer have the expectations of complete privacy. Comey, who was the keynote speaker at a cybersecurity conference at Boston College, said there is no longer “absolute privacy” in the U.S., Politico reported. “Even our memories aren’t private," he said. "Any of us can be compelled to say what we saw. In appropriate circumstances, a judge can compel any of us to testify in court on those private communications. There is no place in America outside of judicial reach." Comey’s comments came less than 24 hours after WikiLeaks released files from the CIA which appear to show that the agency has the ability to hack cars, TVs and smartphones. Comey did not reference the wiretapping controversy during his speech to law enforcement officials and private-sector business leaders. “All of us have a reasonable expectation of privacy in our homes, in our cars, and in our devices. But it also means with good reason, in court, government through law enforcement can invade our private spaces,” Comey said. He said the FBI is renewing a focus on the challenges posed by encryption. He said there should be a balance between privacy and the FBI's ability to lawfully access information. He also said the FBI needs to recruit talented computer personnel who might otherwise go to work for Apple or Google. "The cyberthreats we face are enormous. I don't know if we can stay ahead of them. And I think to say otherwise would be hubris," Comey said. Comey added that he plans to serve his entire 10-year term despite the wiretapping controversy. "You're stuck with me for another 6 1/2 years," he said. http://www.foxnews.com/politics/2017/03/09/comey-warns-there-is-no-longer-absolute-privacy-in-us.html

March 8, 2017 'No such thing as absolute privacy in America,' FBI Director James Comey says in speech on cyber security FBI Director James Comey on Wednesday decried the rise of encryption on users' devices, saying the process makes his agency's job harder. Since former CIA employee Edward Snowden revealed global surveillance methods and programs, encryption is now sold on devices and widely available through a large number of applications, Comey said. "The advent of default ubiquitous strong encryption is making more and more of the room in which the FBI investigates dark," Comey said at Boston College conference on cyber security, arguing the rise of encryption benefits terrorists and pedophiles. In the last three months of 2016, the FBI seized 2,800 devices in investigations of gangs, pedophiles terrorist and counterintelligence work. Out of the 2,800 devices, they could not open 1,200, or 43 percent, of the devices. "That is a big deal," Comey said. The foundation of the country is based on having a reasonable expectation of privacy and security, he added. "We should never have to sacrifice one for the other." But he added that there is no area outside of "judicial reach" - a judge can compel testimony in some circumstances, whether it's between a husband and wife or a person and clergy. "There is no such thing as absolute privacy in America," Comey said, calling it a "general principle" of the country. Widespread encryption shatters that principle and affects national security cases, he said. But he added he appreciates privacy. Comey revealed he has an Instagram account, which has nine followers. He doesn't want anybody looking at the pictures, which are of his family and his travels, Comey added. But he also believes in the principle of no absolute privacy, he said. He called strong encryption a "great" thing and the FBI uses it. "But we also believe user control of data is not a requirement for strong encryption," he said.

It's not the FBI's job to tell American people how to live, he said, but it's not the job of tech companies, either. Tech companies and the FBI have repeatedly clashed over how much information the companies should hand over to the FBI about their users. Americans have to have that conversation, according to Comey. "They're an awesome company, I love their stuff.," he continued, referring to Apple. "They're not evil people. They may weigh things differently than I do. That's ok." "We have to stop bumper-stickering each other, there are no evil people in this debate," he said. http://www.masslive.com/politics/index.ssf/2017/03/no_such_thing_as_absolute_priv.html

March 8, 2017 FBI’s Comey: ‘You’re stuck with me for another 6½ years’ BOSTON — Federal Bureau of Investigation Director James Comey made it clear Wednesday: He doesn’t plan to go anywhere. Comey, who has been the target of ire from both the political left and right, said in a speech that he would finish out his term. “You’re stuck with me for another 6½ years,” he said, delivering the keynote address at the Boston Conference on Cyber Security, a daylong event at Boston College. Comey, a onetime U.S. attorney, was appointed to a 10-year term as FBI director by former President Barack Obama. Comey didn’t broach the controversies dominating the news, including President Donald Trump’s unsubstantiated claims that he was wiretapped by Obama, Tuesday’s WikiLeaks dump of what it says are thousands of Central Intelligence Agency documents, or alleged interference by Russia in the 2016 presidential election. http://www.marketwatch.com/story/fbis-comey-youre-stuck-with-me-for-another-612years-2017-03-08

March 8, 2017

Comey: FBI Couldnâ&#x20AC;&#x2122;t Access Hundreds of Devices Because of Encryption On a day when civil liberties groups were expressing alarm at the tools the CIA has apparently developed for using electronic devices to spy, the FBI director was warning that its capacity to gather evidence in the cyberworld is shrinking. "Picture a room. There's always been a corner of the room that was dark to us, where nation-states and the most sophisticated criminals would find ways to encrypt their data," Comey said at Boston College's cybersecurity conference on Wednesday. "More and more of that room is becoming dark as encryption has become the default, available through a huge number of apps. It becomes a feature of the work of drug dealers, armed robbers, terrorists, pedophiles, and bad people of all sorts." As an example, Comey said, during the last three months of 2016 the FBI lab received 2,800 electronic devices sent in by local police and federal agents looking for evidence they contain. But analysts were unable to open 1,200 of them, "using any technique." "That shadow is spreading from the corner to more and more of the room." The FBI fought a court battle with Apple last year over access to a smartphone used by one of the attackers in the December 2015 terrorist shooting in San Bernardino, California. Agents eventually got into the phone only after paying hundreds of thousands of dollars to an undisclosed person who came up with a way to bypass the phone's security features. As Comey spoke, civil liberties groups were reacting to the latest dump of documents from Wikileaks, containing what appeared to be descriptions of dozens of methods developed by the CIA to eavesdrop on conversations and invade computers. "The Wikileaks disclosure reveals a wide range of previously unknown vulnerabilities in popular consumer products, including the iPhone, the Android phone, and the Samsung Smart TV," said Marc Rotenberg of the Electronic Privacy Information Center. "Congress should move quickly to establish a data protection agency to help address the enormous privacy risks American consumers will now confront." While declining to verify the authenticity of the leaked documents, the CIA said it is forbidden by law from using those methods to spy on anyone in the US. "CIA is legally prohibited from conducting electronic surveillance targeting individuals here at home, including our fellow Americans, and CIA does not do so," said Dean Boyd, a spokesman for the agency. He says the CIA's activities are subject to rigorous oversight by Congress. http://www.nbcnews.com/news/us-news/comey-fbi-couldn-t-access-hundreds-devices-because-encryption-n730646

March 8, 2017

FBI's Comey: 'You're stuck with me for another 6 years' FBI Director James Comey said Wednesday he plans to serve his entire 10-year term, even as controversy swirls over his attempt to rebut President Donald Trump's claim that the Obama administration tapped his phones during the election. "You're stuck with me for another six years," Comey said during a cybersecurity conference at Boston College. Comey was appointed three years ago by then-President Barack Obama. Controversy erupted last weekend after Trump tweeted that Obama had tapped his phones at Trump Tower during the election. Trump offered no evidence of his claim. Comey asked the Justice Department to publicly reject the allegation as false. Comey did not reference the wiretapping controversy during his speech to law enforcement officials and private-sector business leaders. He said the FBI is renewing a focus on the challenges posed by encryption. He said there should be a balance between privacy and the FBI's ability to lawfully access information. He also said the FBI needs to recruit talented computer personnel who might otherwise go to work for Apple or Google. "The cyberthreats we face are enormous. I don't know if we can stay ahead of them. And I think to say otherwise would be hubris," Comey said. "We need to ensure that cybersecurity is a priority for every enterprise in the United States at all levels. We need to get better and faster at sharing information in the appropriate ways. We need to make sure we have the right people on board to help fight that threat, and we need to build trust between the government and the private sector," he said. http://abcnews.go.com/Technology/wireStory/fbis-comey-youre-stuck-12-years-45995044

March 8, 2017

FBI Director James Comey Really Does Not Want You Snooping on His Private Instagram, Thank You

That would be bad, you see. Suffice to say that FBI director James Comey, a man last seen publicly losing his mind over a few stray Hilary Clinton emails even while his people were neck-deep in an investigation of Donald Trump's clandestine contacts with the Russian government, has not had a great year. But if you set aside his stunningly poor judgment and his role in handing the White House to a glorified chemtrails truther, he's just like you and me, really. A regular guy who loves his country, does his job, and doesn't want any goddamn creepers stalking his Instagram photos. From Politico's account of his appearance at a recent cybersecurity conference: Comey added that he himself is a fan of privacy, especially with his Instagram account, which he said has nine followers and is limited to members of his family, and maybe a serious boyfriend of one of his daughters. “I don’t want anyone looking at my pictures,” he said. I hate to be That Guy—no really, I do—but for a man who feels that one's filter choices shouldn't be public, his agency sure puts out a lot of warrantless demands for people's electronic communications records! Like, for example, the orders

issued by the Bureau to Google and Yahoo, promulgated under a Reagan-era executive order that has been used since the passage of the USA PATRIOT Act to justify expanded domestic Internet surveillance. Wired has a quick, terrifying explanation of how these directives, which arrive under the delightfully banal-sounding cover of "national security letters," work in practice: NSLs don't require court approval. Instead they are simply written demands from the FBI that compel internet service providers, credit companies, financial institutions and others to hand over confidential records about their customers. This can include subscriber information, phone numbers, e-mail addresses, websites visited, and IP addresses used to access accounts. An FBI agent investigating a national security case can send a self-issued NSL to a credit bureau, ISP or phone company with only the sign-off of the Special Agent in Charge of their office. The FBI has to merely assert that the information is â&#x20AC;&#x153;relevantâ&#x20AC;? to an investigation. Larger companies can receive hundreds of these secret disclosure orders in a single year, and anyone who has the profound misfortunate of receiving one usually faces jail time if they discuss it with anyone else. Just last month, Twitter's publication of its national security letters revealed that that Bureau appears to have routinely gone beyond the limits of Department of Justice guidance when issuing its requestsâ&#x20AC;&#x201D;as if this type of power weren't already susceptible enough to abuse. In sum: Noted social media user James Comey likes electronic privacy! (And, presumably, the Valencia filter, which is very flattering.) He just doesn't necessarily think that you're entitled to it. http://www.gq.com/story/james-comey-instagram-privacy

March 8, 2017 FBI Director Re-Enters the Encryption Debate James Comey says a "back door" isn't necessary to give the government access to electronic devices FBI Director James Comey on Wednesday again called for an “adult conversation” about encryption, saying its growing use is making it increasingly hard for law enforcement officials to investigate crimes. Nation states, spies, and sophisticated criminals have long been able to hide behind encryption. But Comey said the rise of ubiquitous, strong encryption on electronic devices and apps has allowed drug dealers and pedophiles to hide in the shadows as well. As a result, the balance that has long existed between privacy and security has been disrupted, he said. And it’s up to the American people—not the FBI or tech companies—to decide if that’s a good or a bad thing. “There is no such thing as absolute privacy in America,” Comey said in his keynote address at a cybersecurity conference jointly hosted by the FBI and Boston College. “There is no place in America outside of judicial reach. That’s the bargain.” “Widespread default encryption changes that bargain. In my view, it shatters that bargain.” Comey's remarks come at a time when the government's role in the privacy of consumer technololgy is in the news. On Tuesday WikiLeaks released documents outlining an alleged Central Intelligence Agency program aimed at using consumer devices like TVs and smartphones to spy on people. Americans already were uneasy about their digital privacy. In a recent nationally representative CR Consumer Voices Survey, 65 percent of respondents told us they are either slightly or not at all confident that their personal data is private and not distributed without their knowledge. Comey has long argued that the government needs a way to get around encryption so that it can sufficiently search electronic devices when it’s legally entitled to do so. On Wednesday, he said that during October, November, and December last year, the FBI received a total of 2,800 devices related to criminal investigations from state and local law enforcement. But the information on 1,200 of them was inaccessible because the bureau could not unlock them. But the tech industry and privacy advocates have consistently argued against measures that could weaken encryption or create so-called “back doors,” saying they would put everything from national security to consumers' banking and personal communications at risk. “There is nearly universal consensus from technologists that it’s impossible to build weaknesses or access mechanisms into technology that can only be used by the good guys and not by the bad,” Cindy Cohn, executive director of the Electronic Freedom Foundation, wrote in an email to Consumer Reports. “No amount of foot stamping or demanding that technologists work harder can change that fact.”

The encryption debate grabbed headlines in February 2016 when Apple fought demands that it help the FBI crack into a locked iPhone used by one of the attackers in the San Bernardino, Calif., shootings. But the battle died down after the FBI found another way to access the information on the San Bernardino phone. At Wednesday’s event, Comey said he is not in favor of weakening encryption or creating back doors, arguing that there are other ways to give the government access to the information stored on electronic devices. He cited as an example the mobile-device-management software the FBI and private companies install on the phones they issue to employees. That gives the employer the ability to unlock a phone, access its information, and remotely wipe it. Comey stopped short of proposing a specific plan, but any program to grant the government access to the millions of devices owned by American citizens remains troubling to privacy advocates such as Kevin Bankston, director of New America's Open Technology Institute. “Think of the loss of consumer trust,” Bankston wrote via email. “I don’t know many Americans, much less international or business consumers, who would want to buy or rely on a phone that’s been explicitly designed to allow governments to secretly and remotely access its contents.” http://www.consumerreports.org/privacy/fbi-director-re-enters-the-encryption-debate/

March 8, 2017

FBI Director Comey at cyber conference: 'You're stuck with me' BOSTON (Reuters) - FBI Director James Comey said he has no plans to step down anytime soon in a speech on Wednesday, days after he reportedly pushed back against President Donald Trump's allegations that the Obama administration had tapped phones at Trump Tower. "Youâ&#x20AC;&#x2122;re stuck with me for another 6-1/2 years," Comey said at a Boston College cyber security conference, indicating he expects to serve the remainder of his 10-year term. Comey did not speak with reporters during public appearances in Boston on Tuesday and Wednesday, ignoring questions about the wiretapping accusation that Trump made on Saturday without offering any evidence to support it. Comey, who was appointed FBI director by Barack Obama in 2013, had urged Justice Department officials to refute Trump's claims because it falsely insinuated the Federal Bureau of Investigation broke the law, U.S. officials have said. The department has not acted on his request. The White House said on Monday that Trump still has confidence in Comey despite his assertiveness in challenging Trump's claim. Comey also reiterated a plea for technology companies to enable authorities to access encrypted data on mobile devices and in messaging apps. He said strong encryption had become more popular in recent years, particularly after former intelligence contractor Edward Snowden's revelations about U.S. spying programs. The use of the technology for scrambling data has made it increasingly difficult for law enforcement to investigate crimes, even when authorities have court orders giving them permission to access data, he said. As evidence, he said that FBI technicians were unable to access data in about 1,200 of some 2,800 devices that state and local agency asked the bureau to help open from October to December, hampering progress in criminal investigations.

https://www.yahoo.com/news/fbi-director-comey-cyber-conference-youre-stuck-163116329.html

March 8, 2017

Encryption is hindering FBI’s crimefighting efforts: Comey Maybe FBI Director James Comey should call the CIA. Speaking at a cybersecurity conference on Wednesday, Comey said encryption is hindering his agency’s crime-fighting efforts, disclosing that his agents couldn’t crack 1,200 of the 2,800 devices they had the legal authority to open between September and November 2016 “with any technique.” “That’s a big deal,” he said at the Boston College event. Comey said he’s always favored “strong encryption” but added that “it is making more and more of the room of what the FBI investigates dark.” For years, he said, encryption was mostly limited to countries and sprawling criminal enterprises. But the secrecy technique has been growing since former National Security Agency contractor Edward Snowden leaked classified data about US spying practices. “These apps are now a default feature of much less sophisticated actors, drug dealers, bank robbers, pedophiles, some terrorists. Their shadow is spreading across more of our work,” he said. The FBI chief also said “we need to built trust between the government and private sector,” adding this isn’t the “FBI versus Apple.” During his talk, Comey didn’t discuss the WikiLeaks dump of CIA documents a day earlier that shows how the spy agency can turn everyday electronic devices like Apple iPhones and Google Androids, as well as Samsung smart TVs, into covert listening devices. The trove of intelligence data released on Tuesday also revealed the CIA’s ability to exploit popular apps like WhatsApp, Signal and Telegram by snatching messages before they can be encrypted. In a light-hearted moment, Comey assured the gathering that he plans to be around a while, having served just a third of his 10-year term. “You’re stuck with me for another 6 1/2 years,” he said. http://nypost.com/2017/03/08/encryption-is-hindering-fbis-crime-fighting-efforts-comey/

'You're stuck with me for 6.5 years': Comey at Boston College 'You're stuck with me for 6.5 years,' FBI Director James Comey said at a cybersecurity conference at Boston College.

Video runtime: 1:26 http://www.dailymail.co.uk/video/news/video-1426117/You-stuck-6-5-years-Comey-BostonCollege.html

FBI Director Comey: ‘You’re stuck with me’

Video runtime: 1:40

http://www.reuters.tv/v/Fq6/2017/03/09/fbi-director-comey-you-re-stuck-with-me

Comey: 'There is no such thing as absolute privacy in America' (CNN) FBI Director James Comey warned Wednesday that Americans should not have expectations of "absolute privacy," adding that he planned to finish his term leading the FBI.

"There is no such thing as absolute privacy in America; there is no place outside of judicial reach," Comey said at a Boston College conference on cybersecurity. He made the remark as he discussed the rise of encryption since 2013 disclosures by former National Security Agency contractor Edward Snowden revealed sensitive US spy practices.

Video runtime: 1:04

http://www.cnn.com/2017/03/08/politics/james-comey-privacy-cybersecurity/index.html

Comey: Americans Should Not Expect "Absolute Privacy" (CNN)FBI Director James Comey warned Wednesday that Americans should not have expectations of "absolute privacy," adding that he planned to finish his term leading the FBI. "There is no such thing as absolute privacy in America; there is no place outside of judicial reach," Comey said at a Boston College conference on cybersecurity. But, he said, Americans "have a reasonable expectation of privacy in our homes, in our cars, in our devices.

Video runtime: :36

https://www.msn.com/en-us/news/video/comey-americans-should-not-expect-absolute-privacy/viAAo2JJH

Comey: 'No Such Thing as Absolute Privacy in America' FBI Director James Comey spoke at a cybersecurity conference at Boston College Wednesday, addressing current encryption software, the idea of privacy in the modern age and how the FBI can improve its fight against cyberthreats.

Video runtime: 1:39

http://www.nbcnewyork.com/news/national-international/James-Comey-Discusses-FBI-CybersecurityBoston-415696163.html

FBI Director Comey talks Cyber Security at BC VIDEO: FBI Director James Comey making some news in Boston, speaking about cyber security at Boston College.

Video runtime: 1:38 http://www.wcvb.com/article/fbi-director-comey-talks-cyber-security-at-bc/9109587

FBI's Comey: 'You're stuck with me for another 6 1/2 years' BOSTON (AP) - FBI Director James Comey said Wednesday he plans to serve his entire 10-year term, even as controversy swirls over his attempt to rebut President Donald Trump's claim that the Obama administration tapped his phones during the election. "You're stuck with me for another 6Â˝ years," Comey said during a cybersecurity conference at Boston College.

Video runtime: 2:00 http://www.fox25boston.com/news/massachusetts/fbis-comey-youre-stuck-with-me-for-another6-12-years/500774400

FBI Director Comey Talks Cybersecurity at Boston College The FBI director's visit to Boston comes as controversies around Donald Trump, Russia and Wikileaks heat up in Washington Â

Video runtime: 1:39 http://www.necn.com/news/new-england/FBI-Director-Comey-Cyber-Security-Talk-BostonCollege-415666183.html

In Boston, The FBI's Comey Warns About Threats Of Cyber Intruders

Runtime: 3:48 http://www.wbur.org/news/2017/03/08/comey-cybersecurity

FBI Director James Comey says 'absolute privacy' does not exist in the US

In a speech on cybersecurity Mr Comey discussed the FBI's problems in unlocking devices obtained in investigations

Video runtime: 1:08

http://www.independent.co.uk/news/world/americas/fbi-director-james-comey-no-absoluteprivacy-a7619621.html

FBI boss James Comey says 'Even our memories aren't private' as concerns mount over CIA hacking

Comey said that 'absolute privacy' did not exist in the US, adding that encryption has limited the FBI's ability to access devices. As America comes to grips with WikiLeaks' revelations about CIA hacking, FBI director James Comey warned that "absolute privacy" does not exist in the US. Comey made his comments at a cybersecurity conference in Boston and also indicated that he expects to serve out the remainder of his 10-year term with the agency. "You're stuck with me for another 6-1/2 years," Comey said, Reuters reported. Comey also said, "There is no such thing as absolute privacy in America." "All of us have a reasonable expectation of privacy in our homes, in our cars, and in our devices. But it also means with good reason, in court, government, through law enforcement, can invade our private spaces," Comey said at the conference on Wednesday. "Even our memories aren't private. Any of us can be compelled to say what we saw ... In appropriate circumstances, a judge can compel any of us to testify in court on those private communications," he added. He reportedly ignored questions about PresidentDonald Trump's accusations of former president Barack Obama authorising wiretapping. Comey allegedly pushed US Justice Department officials to refute Trump's claims as it falsely alluded to the FBI breaking the law. Neither the Justice Department nor the FBI have officially commented on the matter. The White House said that despite Comey challenging Trump's claims, Trump still has confidence in the FBI head. Encryption still a sore point for FBI During the conference, Comey also attempted to highlight the challenges that encryption poses to law enforcement agencies like the FBI. He claimed that of the 2,800 devices the FBI obtained in various investigations, the agency was not able to access data from around 1,200 of them. Comey made a plea to the tech community to enable authorities to access encrypted data on devices and communications apps. Tech firms, please don't hack back Comey also addressed a new "cyber self defence" bill proposed by Republican Congressman Tom Graves, which would allow companies to hack back their attackers, in efforts to counter cyberattacks. The bill would also allow changes to be made to the Computer Fraud and Abuse Act (CFAA). However, he does not appear to be in support of the bill. He said that this kind of hack back scenario could even hinder the FBI's own work in apprehending cybercriminals. "It runs a risk of tremendous confusion in a crowded space," Comey said. "And I know that's a frustrating answer often, and it maybe some day our country will change the law, but the hacking back could cause all kinds of complications for things we're trying to do to protect you." Comey appealed to tech firms stating, "Before you consider it, you should talk to us and see what we might be able to do to help. "Don't do it. It's a crime. Don't do it." http://www.ibtimes.co.uk/fbi-boss-james-comey-says-even-our-memories-arent-private-concerns-mount-over-cia-hacking1610554

March 9, 2017 FBI chief calls for private sector to help battle cybercrime

As the FBI has been expanding and retooling its approach to cyber investigations, Director James Comey stresses need for CISOs to engage with the bureau. CHESTNUT HILL, Mass. -- FBI Director James Comey has tough words for private sector firms that won't engage with federal law enforcement authorities on cybersecurity, an area where the bureau has been dramatically expanding its investigation and prosecution efforts. In a keynote address at a cybersecurity conference at Boston College, Comey lamented that most incidents of intrusion and attacks against U.S. businesses go unreported. But when a victim does report a breach to the FBI, such as the damaging attack against Sony in 2014 that was attributed to North Korea, agents will have a much easier time investigating and helping businesses mitigate the damage if they are already somewhat familiar with the target's systems. "Sony had taken the time to get to know us," Comey said, describing a rapid response to that incident where agents with a baseline familiarity with Sony's systems could hit the ground running. "If you are the chief information security officer [CISO] of a private enterprise, and you don't know someone at every single FBI office where you have a significant facility, you're not doing your job. Know that you're pushing on an open door," Comey said. "We're not looking to know your private information, but we need to know you in a way so we can help you in a difficult circumstance." Comey described a multi-pronged initiative underway at the FBI to crack down on cybercrimes that involves recruiting and hiring more cyber experts, improving engagement with outside partners -- including the private sector -- and rethinking the bureau's traditional approach to working cases. The bureaus is also working to bolster deterrence both through hardening systems that might be targeted and winning convictions in more criminal cases. Comey also indicated that he intends to serve out the remaining 6 1/2 years of his term, despite speculation that he might step down amid tensions with the White House. He did not address his reported request for the Justice Department to issue a statement refuting President Trump's assertion that his campaign had been wiretapped by former President Obama, nor the unfolding probe into Russian hacking of political targets during the election. Comey participated in a brief question-and-answer session with audience members following his keynote address, but did not take questions from reporters. A spectrum of threats, an â&#x20AC;&#x2DC;evil layer cakeâ&#x20AC;&#x2122; He did offer that nation-states comprise the most dangerous enemies in the "stack" of cyber adversaries, followed by multinational hacking syndicates, insider threats, hacktivists and terrorists, the least menacing element of what Comey calls "an evil layer cake."

"The reason I put them at the bottom of the stack is that terrorists are adept at using the internet to communicate, to recruit, to proselytize, but they have not yet turned to using the internet as a tool of destruction in the way that logic tells us certainly will come in the future," Comey said. Regardless of what type of actor initiates the attack, the FBI is looking at cyber events in a fundamentally different way than conventional crimes that have a clear physical location. If a pedophile is under investigation for crimes in San Francisco, say, the San Francisco field office of the FBI would handle the case. Not so with cyber. Comey said that the bureau is assigning those cases, where the perpetrators could be up the street or halfway around the world, to the field offices that best demonstrate "the chops" to handle specific cyber investigations. So even if a bank in New York was the victim of a cyberattack, the field office in Little Rock, Ark., potentially could take the lead on the case, with support from other offices that might need to conduct investigative work on the physical premises. "Whichever field office has demonstrated the best ability on that, we're going to give it to that field office," Comey said. "This has a not-unintended consequence of creating competition within the FBI." Private sector has edge for hiring top cyber talent, money In addition to reorienting the bureau's internal approach, Comey said that the FBI is trying to step up its recruiting efforts to bring in the next wave of cyber experts, though he acknowledges that competing with private-sector for top talent is a perennial challenge. "Here's the challenge we face: we cannot compete with you on dough," Comey said. "The pitch we make to people is come be part of this mission. Come be part of something that is really hard, that is really stressful, that does not pay a lot of money, that does not offer you a lot of sleep. How awesome does that sound? The good news is there's a whole lot of people -- young people -- who want to be part of that kind of mission, who want to be part of doing good for a living." But the difficulties in winning over converts to the bureau's mission are also tied up in a deeper problem, the same perception of the government as an adversary -- or at least something to be avoided -- that has clouded relations with some in the private sector. Comey wants to dispel the notion of the FBI as "the man," in the Big Brother sense. "We have to get better at working with the private sector," he said, decrying firms that are subject to a ransomware attack who opt to pay the ransom and enlist a security consultant to help clean up the mess without alerting law-enforcement authorities. "That is a terrible place to be," he said. "It is a great thing to hire the excellent private-sector companies that are available to do attribution and remediation, but if the information is not shared with us, we will all be sorry. Because you're kidding yourself if you think I'll just remediate this thing and it will go away, because it will never go away." Paying ransoms, he argues, only emboldens the criminals, and keeping details of the breach in-house hinders lawenforcement authorities from tracking down the perpetrators. Plea to tech companies to resist outfitting products with unbreakable, default encryption Comey put in another plug for tech companies to resist the impulse to outfit their products with unbreakable, default encryption, recalling the highly publicized showdown between the FBI and Apple, while calling for all parties in the debate to resist the urge to resort to "bumper-stickering" the other side and rejecting the suggestion of an inherent tradeoff between privacy and security as a false choice. "It is short-sighted to conclude that our interests are not aligned in this," he said. "We all value privacy. We all value security. We should never have to sacrifice one for the other." http://www.cio.com/article/3178715/cyber-attacks-espionage/fbi-chief-calls-for-private-sector-to-help-battlecybercrime.html?page=2

March 8, 2017 Want to improve risk management? Do the basics It may be impossible to stop an intrusion by a determined, sophisticated adversary, but basic security hygiene can deter most of the rest, agreed a panel at a Boston College cybersecurity conference this week Most organizations could eliminate more than 75 percent of their risk of cyber intrusions if they just did the online version of locking their doors and windows. That was one of the main takeaways from a panel discussion on cyber risks at Wednesday’s 2017 Boston Conference on Cyber Security, cosponsored by the FBI and Boston College’s Woods College of Advancing Studies. The session, titled “Are You Managing Your Cyber Risks? Challenges from the Legal and CISO Perspectives,” was moderated by Cynthia J. Larose, partner and chair of the Privacy & Security Practice at the Mintz Levin law firm, and featured panelists from multiple industry sectors, education and government. And there was general agreement that while there is much greater awareness of cyber risks in the workplace, the combined challenges of complex technology and human weakness means that far too many organizations still amount to “low-hanging fruit” for attackers. E.J. Yerzak, a partner at Ascendant Compliance Management, who works with firms in the financial sector including investment advisers, said he regularly encounters firms that are, “behind the curve.” “They have nothing in writing when it comes to cybersecurity policies and plans,” he said. “That’s a big problem, because there’s a disconnect between what the C suite thinks is happening and what is actually happening.” He said the CEO at one firm confidently told him his firm was not using cloud services at all. “But I talked to other departments, and they were using just about all the cloud-based services on the planet – Dropbox and everything else,” he said. Sara Cable, an assistant Massachusetts attorney general who works in consumer protection, called that story, “mind-blowing,” and said it would not only likely violate Massachusetts law, but was also profoundly lacking in business sense. “Our tolerance for ignorance of the law is rapidly declining,” she said, “but we’re also talking about business assets. A lot of attacks aren’t sophisticated – it’s easy to prevent them. It’s like people pushing on doors to see which ones are unlocked, and they are finding a lot of wide open doors.” Lorna Koppel, director of information security and CISO at Tufts University, said the most intractable problem for her is the human element, in part because there are different constituencies – students, administration, staff and faculty – all with different priorities and levels of awareness.

“Many of them don’t understand the risks,” she said. “They think, ‘nobody cares about my email.’ People want to do the right thing, but the challenge is getting them there.” Yerzak said that kind of human weakness is responsible for most of the insider threats he sees – from “wellintentioned” employees who may work after hours and are “trying to help” attackers posing as customers with urgent requests. “They click a link, open an attachment and malware gets on system,” he said. “We’re seeing the rampant spread of ransomware. All the controls, policies and procedures can’t overcome human factor.” Cable wondered, “why we can’t build in little pauses – something that pops up and asks if you’re sure you want to click on this.” Or why top management couldn’t regularly send out policy statements along the lines of, “I will never email and ask for X information. “There are simple little tricks that could help,” she said. Larose suggested that, “more regular reminders instead of the annual security awareness training session,” would keep employees more aware, and focused, on security. Cable said in her view, the most important thing for enterprises is not to let fear of sophisticated attacks paralyze them. “Sophisticated attacks are very rare,” she said. “The accidental are much more common, and all preventable if you take a moment as an enterprise to do things like see what sensitive information you have, where it is, where’s it moving, and then take steps to protect it. “The law requires reasonable efforts, not perfection,” she said. “And that’s possible. I think we should empower people by not making it too complicated.” http://www.csoonline.com/article/3178661/security/want-to-improve-risk-management-do-the-basics.html

March 9, 2017

FBI Director Comey: 'no such thing as absolute privacy' According to him, encryption breaks the power of a court subpoena. If you're wondering how the director of the FBI can justify advising that you tape over your webcam while also asking for backdoor access to iPhones, check out his keynote speech at the 2017 Boston Conference on Cyber Security. As James Comey sees it, Americans should not expect "absolute privacy" because a court can (under some circumstances) compel people to give testimony from their memory of private conversations and it should be able to order up digital evidence the same way.

During his speech, which you can watch below, Comey did not comment on Donald Trump's wiretapping claims or the recent WikiLeaks CIA post. He went on to say that the FBI was unable to access data on 1,200 of the 2,800 devices it tried to access between October and December. Somehow, Comey also claimed "We all value privacy. We all value security. We should never have to sacrifice one for the other." As we all reckon with the truth that our phone is now the biggest privacy threat, law enforcement is similarly trying to figure things out. Right now, that seems to mean talking out of both sides of its mouth when it comes to security and encryption.

https://www.engadget.com/2017/03/09/fbi-director-comey-no-such-thing-as-absolute-privacy/

March 8, 2017

Comey talks strong Crypto, silent on Wikileaks

CHESTNUT HILL, Ma.—FBI director James B. Comey today revived the Going Dark discussion during a keynote address at the Boston Conference on Cyber Security, saying it’s time for an adult conversation on the prevalence of strong encryption and how it hinders criminal and national security investigations. Comey, during his 45-minute address, did not address the expansive leaks of CIA hacking tools yesterday by WikiLeaks or Russia’s alleged manipulation of the U.S. presidential election. He did not take questions from media in attendance, though he did answer a few from attendees. Comey’s stance on strong encryption has remained largely unchanged in the past two years, running in parallel with the growth in mainstream adoption of secure messaging applications such as Signal, WhatsApp and others. The director contends that strong crypto not only impedes investigations, but cuts the legs out from judicial warrants that allow law enforcement on the local and federal level to seize digital devices. Comey said that between October and December of last year, the FBI took possession of 2,800 devices, and there were 1,200 that the bureau could not crack and access stored data. “That’s a big deal,” Comey said.

Comey acknowledged that strong crypto has always been around, but prior to Edward Snowden’s leaks of NSA secrets, it was largely the purview of nation states and sophisticated criminal groups. “These apps are now a default feature of much less sophisticated actors, drug dealers, bank robbers, pedophiles, some terrorists,” Comey said. “Their shadow is spreading across more of our work.” In the past, Comey has challenged technology companies to try harder to come up with a reasonable solution that does not require a backdoor or one that weakens encryption. Today, he backed off the challenge to tech companies and called for a discussion among the relevant parties that he says share the same values. “We have to have a hard conversation about what we’re doing,” Comey said. He also rebuked claims made by experts in the past that law enforcement could gain valuable intelligence from intercepted metadata, which is not encrypted and often includes information about call records, email headers and physical location. “Metadata is limited, especially when we are obligated to prove guilt beyond a reasonable doubt,” Comey said. “We just can’t get there against a pedophile or a terrorist.” “Other say that maybe you can develop a hacking tool. That’s expensive and it doesn’t scale,” Comey said, harkening back to the Apple-FBI debate. “Something like that cannot be used broadly because they are perishable.” Comey tried to tug on some patriotic heart strings as well, pointing out that the country’s founders struck a bargain that the government cannot invade one’s privacy without probable cause and a court order. What they founding fathers were saying, Comey countered, is that with good reason, the government can invade one’s privacy. “There is no absolute right to privacy,” Comey said, adding, “with respect to default, strong encryption, it changes that bargain, and shatters it, in my view.” Comey began his keynote by explaining the FBI’s ranking of cyber adversaries, starting with nation states at the top (he named China, Russia, Iran and North Korea), followed by multinational crime syndicates that sometimes work on behalf of nation-states, followed by insiders, hacktivists and terrorists at the bottom of the stack. He also explained the importance of the FBI increasing the cost of attacks for hackers, one of the FBI’s five strategic goals. That strategy includes increasing international pressure to prosecute hackers, or at least name and shame them as the government did in the case of China’s PLA hackers or Iranian actors allegedly responsible for DDoS attacks against U.S. banks in 2012 and 2013. “We want to make sure they feel our breath on their neck,” Comey said. https://threatpost.com/comey-talks-strong-crypto-silent-on-wikileaks/124145/

March 8, 2017

FBI boss: 'Memories are not absolutely private in America' Comey blames Snowden for popularity of encryption FBI director James Comey has told a cybersecurity conference that any communications – be it with your spouse, your priest, or your lawyer – and any of your memories are up for grabs should a court order it. Speaking at the Boston Cyber Security Summit, Comey said that America's founding fathers had set down that there is a right to privacy but that the government has a right to intrude in the name of security. It was part of a 200-year old "bargain of ordered liberty," he opined. "Even our memories are not absolutely private in America," he said. "Any of us can be compelled – in appropriate circumstances – to say what we remember, what we saw. Even our communications with our spouses, with our clergy members, with our attorneys are not absolutely private in America. In appropriate circumstances a judge can compel any one of us to testify in court about those very private communications." Comey made this argument as part of a discussion about the FBI's relationship with encryption. He said that encryption had always been part of computer technology, but after Edward Snowden's whistleblowing we had seen a huge rise in the use of encryption, and this was making life difficult for the FBI. Between October and November last year, the FBI had taken 2,800 devices that it had the lawful right to search. But because of their encryption the FBI wasn't able to break into 1,200 of them. Technology firms have taken strong encryption and given it to everyone, even drug dealers and pedophiles, he complained. Given the leak of the CIA's exploit list on Tuesday, that seems difficult to understand. Several of the zero-day attacks on mobile operating systems were listed as coming from the FBI, and the agency can call on the resources of the NSA and private companies as needed. Comey professed himself a fan of both privacy and strong encryption. On the privacy side of things he has an Instagram account, he said, but it only has nine followers because he blocks everyone but family members. He said he likes that privacy, but would open up the account if compelled to do so under the law.

Similarly with encryption, Comey said the FBI protects its own data with strong encryption and issues encrypted devices to its agents. But if necessary, it can still get around the encryption on those devices and companies need to have a similar approach, he argued. Presumably this means some kind of shared key exchange, with the government holding one of the keys. We suggest he ask the NSA, CIA, and OPM how well their secrets were protected. Comey denied that Apple and the FBI had been in conflict over encryption, despite the extensive legal proceedings the agency went through to try to force Cook & Co to do its bidding. He asked again for an adult conversation about the encryption debate. "We need to stop bumper stickering each other, and tweeting at each other," he said. "There are no evil people in this debate." Hacktivists more dangerous than terrorists In his talk, Comey outlined the FBI's top five cybersecurity threats and his ordering might cause some surprise. Top of the list was nation state hackers, he said, followed closely by international professional hacking groups that worked for money. The next most dangerous threat was employees and staff carrying out insider attacks, he said, followed by hacktivists seeking to use computer crime to advance political aims. But at the bottom of the FBI's list were terrorists. While terrorist groups have proved adept at using the internet to spread propaganda and recruit new members, they are relatively unskilled and haven't turned to online crime to carry out attacks, Comey said. To beat these threats the FBI is trying to get better skills by recruiting from the outside. The Feds are looking for people with the right skills, physical fitness, and integrity. There's no point hiring someone who's a whiz at computing and fit enough to pack heat if they "smoke weed on the way to the interview," he joked. The FBI can't match private industry when it comes to salaries, Comey said, but the FBI is trying to make the organization more tech-friendly. That doesn't mean beanbags and whiteboards he said, but the agency wanted to attract talent and so would have to loosen up a little. The FBI has also introduced internal competition, he said, so that now an online investigation will be carried out by whoever is most skilled, not by whoever is at the scene of the crime. All field offices will have a cyber specialist and Comey expects the competitive aspect to lead to improvements in skills and conviction rates. He also appealed for companies to work with the FBI more, saying that if you are a chief security officer and don't know your local FBI officer then you're failing at your job. But he issued a stern warning against companies hacking back against attackers. "Don't do it, it's a crime," Comey pronounced. "It also runs the risk of creating confusion in a crowded space." ÂŽ https://www.theregister.co.uk/2017/03/08/fbi_boss_says_memories_not_private_in_america/

March 12, 2017

The cyber threat

BC's Woods College, FBI partner to host first Boston Conference on Cyber Security Several hundred experts, industry leaders and officials, and media representatives gathered at Boston College on March 8 for the first Boston Conference on Cyber Security, organized through a partnership between the FBI and the Cybersecurity Policy & Governance masterâ&#x20AC;&#x2122;s degree program at the Universityâ&#x20AC;&#x2122;s Woods College of Advancing Studies. The daylong conference, which organizers hope will become an annual event, featured a keynote address by FBI Director James B. Comey, whose remarks centered on the cyber threat landscape, what the FBI is doing to stay ahead of the threat, and the importance of strong private sector partnerships. "The cyber-threats we face are enormous," Comey said. "We need to ensure that cybersecurity is a priority for every enterprise in the United States at all levels; we need to get better and faster at sharing information in appropriate ways; we need to make sure we have the right people on board to help us fight that threat, and we need to build trust between the government and the private sector; but most of all, we need to work this together." "Boston College is a leader in thinking and educating on these incredibly important issues, so this is a great place to have this; I hope you'll have it many more times," he said. (Read more about his remarks in this FBI news release.)

Sampling of conference media coverage: Associated Press, Wall Street Journal, Bloomberg News, Reuters,CNN, NPR, WBUR-FM, Boston Globe, TIME, U.S. News & World Report, New York Times, Fortune, CIO Magazine, Boston Business Journal, NBC News-NY, WCVB-TV, CBS Boston, Fox 25 News Boston, NECN, Boston Herald, NBC News.com, ABC News.com, FOX News Politics, The Register (U.K.), The Daily Mail (U.K.), The Independent (U.K.), International Business Times, Threat Post, Engadget

His speech was followed by panel discussions with a who’s who of cybersecurity experts from the FBI, Boston College, Department of Homeland Security, Department of Defense, U.S. Cyber Command, IBM Security, Dell EMC, Symantec, Jones Day, PwC, Mintz Levin, Raytheon, Akamai, Draper Labs, State Street, Charles River Associates, National Grid, and the U.S. Naval Academy, among many others. Topics centered around emerging technologies, best practices, operations and enforcement, and real life cyber- and national security experiences, an agenda designed to help students of the master's program, as well as private industry and government leaders, to address today’s cyber-threats. “Combating cyber-crime is one of the FBI’s top priorities because of the direct threat it poses to our national security and economy,” said FBI Assistant Special Agent in Charge Joseph Bonavolonta, who oversees the cyber/counterintelligence program for the agency's Boston Division. “The work we do wouldn’t be possible without close collaborative partnerships with the private sector," he said, noting his hope that BCCS 2017 would "help everyone get on the same page so we’re better positioned to identify threats, share information and ultimately defeat cyber criminals.”

“With cyber-attacks in the news every day, there’s a fear out there, but it’s causing a ‘security fatigue’ to it all, because business, government, and consumer users are overwhelmed and sick of being on constant alert,” said Kevin Powers, founding director of the Woods College Cybersecurity Policy & Governance program, and a former analyst and attorney for the U.S. Justice and Defense departments and U.S. Navy. The goal of the conference, he said, was "to highlight why it’s not only in users’ best interests to continue to focus on cybersecurity, but also for the greater good. There needs to be an all-hands-on-deck approach, as the cyberthreats we face today are not going away anytime soon.” Bonavolonta echoed Powers’ remarks. “Most of America’s cutting-edge technology and equipment is found in the private sector: manufacturers, contractors and academia. Cyber-criminals continue to exploit these networks to steal information. The FBI is committed to finding the criminals behind these attacks, but we can’t do it alone. Conferences like this will help everyone gain a better understanding of the emerging threats as well as our individual roles and responsibilities in defeating them.” The Woods College Cybersecurity Policy & Governance program’s partnership with the FBI is one of more than three dozen governmental and business ties it has formed during its first full year of existence. Others include the Massachusetts State Police, Lockheed Martin, PwC, SkyBox Security, Comtrade, GuidePoint Security, Bank of America, Raytheon, Gartner Consulting, Locke Lord, LLP, and the US departments of Defense, Energy, Homeland Security, Justice, and Treasury. “Our partners collaborate with us by providing guest lecturers, hosting joint panel discussions and networking events, and providing internships and applied research projects to our students,” said Powers. “It is a true collaborative effort by government, industry and academia – with BC taking the lead – to address and mitigate these cyber-threats." –University Communications http://www.bc.edu/bc-web/bcnews/science-tech-and-health/technology/cybersecurity-conference-2017.html

March 8, 2017

FBI Director Addresses Cyber Security Gathering Varied Group of Cyber Experts Exchange Ideas This morning, Director James Comey delivered a keynote address at the inaugural Boston Conference on Cyber Security, touching on the current cyber threat landscape, what the FBI is doing to stay ahead of the threat, and the importance of strong private sector partnerships. The conference, a partnership between the FBI and Boston College’s Cybersecurity Policy and Governance master’s degree program, also features additional expert speakers and panelists who will be covering such areas as emerging technologies, operations and enforcement, along with real-life cyber and national security experiences focusing on risk, compliance, policy, threat trends, preparedness, and defensive strategies. Cyber threats, said Comey, are “too fast, too big, and too widespread for any of us to address them alone.” During his remarks, Comey discussed the “stack of bad actors” committing cyber crimes, including nation-states, multinational cyber syndicates, insiders, hacktivists, and—currently to a lesser degree—terrorists (“they have not yet turned to using the Internet as a tool of destruction,” he explained, “in a way that logic tells us certainly will come in the future.”) And what are these bad actors after? According to Comey, they’re after information, access, and advantage. He further explained, “And we’re not only worried about loss of data, but corruption of that data and lack of access to our own information.” The public and private sector can help deter this behavior, said Comey, by reducing vulnerabilities, reducing the threat by holding accountable those who are responsible, and mitigating the damage. The FBI Director also laid out the Bureau’s five-part strategy to address cyber intrusions: § § § § §

Focusing ourselves better inside the FBI in terms of how we operate and who we hire; Shrinking the world by clarifying investigative “lanes in the road” here at home and enhancing cooperation abroad; Imposing costs on this kind of behavior by locking cyber criminals up and/or calling them out through incidents and sanctions; Enhancing the “digital literacy” of state and local partners through training, equipment, and task forces to make them more effective; and Working to improve collaboration with private sector entities, the primary targets of cyber intrusions but the majority of whom, according to Comey, don’t turn to law enforcement when they’re breached.

Comey also spoke about the impact of the advent of “ubiquitous strong encryption” on the work of law enforcement and urged the audience to “continue to engage in what is a very complicated and difficult subject.” This so-called Going Dark issue is a growing challenge to public safety and national security that has eroded law enforcement’s ability to obtain electronic information and evidence with a court order or warrant.

https://www.fbi.gov/news/stories/fbi-director-addresses-cyber-security-gathering

March 7, 2017 FBI Director James Comey To Visit New Boston Offices CHELSEA, Mass. (AP) — FBI Director James Comey (KOH’-mee) is set to visit Massachusetts to mark the opening of the Boston FBI division’s new offices and to speak at a cybersecurity conference amid wiretapping accusations lodged by Republican President Donald Trump. Trump claims Democratic former President Barack Obama tapped his phones during last year’s election. Comey has privately asked the Department of Justice to dispute Trump’s wiretapping allegations as false. Obama’s camp has flatly denied Trump’s claims, which were presented without evidence. Comey is expected to attend a ribbon-cutting ceremony Tuesday for the Boston FBI division’s new headquarters in Chelsea, just north of Boston. On Wednesday he’s scheduled to speak at a cybersecurity conference at Boston College. Comey became a polarizing figure in the presidential race when he spoke publicly about an investigation into Democratic candidate Hillary Clinton’s emails.

http://boston.cbslocal.com/2017/03/07/james-comey-fbi-director-boston-chelsea-offices/

March 7, 2017 Comey avoids wiretapping questions at Boston FBI offices

Director James B. Comey remained mum today on President Trump’s explosive allegations that former President Obama tapped his phones during the election, taking the chance to playfully toy with the audience during a ribbon-cutting ceremony for the bureau’s new Boston-area field office. “Right at the beginning ... I should hit an issue that I know is on the minds of many and that is controversial, so I should speak to it directly,” Comey said at the start of his brief remarks, pausing for dramatic effect. “I am a New York Giants fan.” Comey, over the next three minutes, did not touch the headline-grabbing allegations, and later left the event through a side door without speaking to gathered reporters. Trump, in making the claims in a series of weekend tweets, has not provided any evidence to back up allegations that Obama tried to monitor his calls at Trump Tower in New York. Comey, according to reports, has pushed back internally on them. An official told the Associated Press that the FBI has asked the Justice Department to dispute Trump’s allegations, and the New York Times has reported that Comey says the claim should be corrected by the Department of Justice because it wrongly insinuates that the FBI broke the law. Amid this firestorm, Comey appeared relaxed publicly at the event, joking about being New England Patriots territory, as well as Gov. Charlie Baker’s height. (The 6-foot 6-inch governor stands about an inch shorter than Comey.) The event was focused on unveiling the FBI’s new home in Chelsea, an eight-story, 22,000-square-foot facility that, for the first time, puts the field office in its own standalone building. Comey has been at the eye of the political storm before, including twice during the presidential election as his department investigated former Secretary of State Hillary Clinton’s use of a private email server while she was Secretary of State. He is scheduled to appear at Boston College tomorrow, when he’ll keynote a cybersecurity conference at the Chestnut Hill university. http://www.bostonherald.com/news/local_coverage/2017/03/comey_avoids_wiretapping_questions_at_bosto n_fbi_offices

March 5, 2017

FBI director James Comey coming to Boston for cybersecurity talk BOSTON - FBI director James Comey, who was thrust into the presidential race when he made public statements about an investigation into Democratic candidate Hillary Clinton's emails, is coming to Boston to discuss cybersecurity. Comey is the keynote speaker at the conference Wednesday at Boston College. The conference is a partnership between the FBI and the masters in cybersecurity policy and governance program at BC's Woods College of Advancing Studies. Comey is scheduled to discuss the cyber threat landscape, what the FBI is doing to stay in front, and the importance of strong private-sector partnerships. Representatives of several government agencies as well as private companies are scheduled to attend. The FBI in 2016 investigated the private email server used by Clinton during her time as secretary of state. Comey recommended against criminal charges.

http://www.fox25boston.com/news/fbi-director-james-comey-coming-to-boston-for-cybersecurity-talk/499786754

March 2, 2017

FBI director James Comey to speak at Boston College FBI director James Comey will deliver the keynote address at a Boston College cybersecurity forum next Wednesday. Comey is scheduled to speak about “the cyber threat landscape, what the FBI is doing to stay ahead of the threat, and the importance of strong private sector partnerships,” according to a news release. His appearance is part of the Boston Conference on Cyber Security, which costs $125 to attend. Cybersecurity issues, as well as Comey himself, were front-and-center during the 2016 presidential campaign. Comey investigated the private e-mail server used by Democratic candidate Hillary Clinton during her time as secretary of state, a practice that was criticized for putting classified information at risk. Ultimately, he did not recommend criminal charges against Clinton, but his announcement that he was reopening the investigation — two weeks before the election — caused an uproar. Meanwhile, e-mails from the Clinton campaign and the Democratic National Committee were made public during the election, which US intelligence officials have attributed to hacking initiatives directed by the Russian government. https://www.bostonglobe.com/business/2017/03/02/fbi-director-james-comey-speak-bostoncollege/BMjo6XWcsRgS5VTFfe16rM/story.html#comments

March 2, 2017

FBI Director James Comey to Speak at Boston College Comey will give the keynote at BC’s cybersecurity forum. FBI director James Comey, whom some Democrats blame for costing former Secretary of State Hillary Clinton the presidential election, will attend a forum at Boston College next week. The topic? Cybersecurity. The head of the nation’s top law enforcement agency will deliver the keynote address at the first Boston Conference on Cyber Security (BCCS) on March 8. The $125-a-head event is organized by BC’s Woods College of Advanced Studies, and co-hosted by the FBI. Comey received criticism from conservatives when he declined bring charges against Clinton for her use of a personal email server, only to draw the ire of the left when he sent a letter to Congress just two weeks before the presidential election, announcing the existence of new emails pertinent to the investigation. Ultimately, the FBI did not change its earlier conclusion, though many Democrats (including former President Bill Clinton) believe Comey’s letter swung the election for Donald Trump. The president later chose to keep Comey at his post, rather than risk another bruising confirmation process for a replacement. http://www.bostonmagazine.com/news/blog/2017/03/02/fbi-director-james-comey-boston-collegecybersecurity/

March 2, 2017

FBI Director Comey to talk cybersecurity at Boston College FBI Director James Comey will head to Boston College next week as the keynote speaker on a cyber security forum. Comey's appearance on March 8 is for the inaugural Boston Conference on Cyber Security (BCCS), cohosted by the college, which offers a master's degree in cybersecurity policy and policy, and the FBI, Boston Magazine reported. Comey received ire from both Republicans and Democrats during the 2016 election, for not recommending charges against presidential candidate Hillary Clinton for her private email server use, and then for opening a second investigation into Clinton's emails two weeks before Election Day. Appointed by former President Barack Obama in 2013, Comey will remain at his post under President Donald Trump. http://www.metro.us/boston/fbi-director-comey-to-talk-cybersecurity-at-boston-college/zsJqcb--VFjVUxR8psuk/