FBI Cyber Outreach Montreat Collage Cyber Awareness Conference 31 October 2015
Ganester “guy” Walton ganester.walton@leo.gov 251-‐895-‐3634
The Cyber Threat
“It’s now clear this cyber threat is one of the most serious economic and national security challenges we face as a nation.” “America's economic prosperity in the 21st century will depend on cybersecurity.” — President Obama
Why are we here? SSA Robert Hanssen-‐ Spied for Russia Arrested 2001.
(Really)
Contract Linguist Shamai Leibowitz-‐Provided classified docs to a blogger Sentenced 2010.
The Cyber Threat, cont’d
“The threat is so dire that cyber security has topped Director of National Intelligence Jim Clapper’s list of global threats for the second consecutive year, surpassing both terrorism and espionage – even the threat posed by weapons of mass destruction.” — FBI Director Comey February 26, 2014
Agenda • FBI Overview
• Combat cyber threats targeting the US • How to be a “good victim”
Agenda
Charlotte Division
Special Agent in Charge John A. Strong
DO YOU REALLY WANT TO MESS WITH FBI CYBER?
FBI Cyber Mission To proactively protect the United States against: 1) 2) 3)
Cyber Terrorist attack Cyber Foreign intelligence operations and espionage Cyber-‐base attacks and high technology crimes
Cyber Operations and Outreach Mission The FBI Cyber Division (CyD) will, through its Cyber Operations and Outreach Section, conduct targeted outreach to the public & private sectors to facilitate proactive national security operations and criminal investigations through information sharing, and elevated awareness of FBI capabilities.
OVERVIEW
FBI MISSION STATEMENT Our motto is:
“Fidelity, Bravery, and Integrity” Our mission is to protect and defend the United States against terrorist and foreign intelligence threats, to uphold and enforce the criminal laws of the United States, and to provide leadership and criminal justice services to federal, state, municipal, and international agencies and partners.
U//FOUO
11
FBIHQ
Operational  Divisions
Counterterrorism
Counterintelligence
Cyber
Criminal  Investigative
FBI
Field  Offices
FBI
International Offices -‐LEGATs
CYBERSECURITYRESPONSIBILITES DHS
(Protection, Prevention, Mitigation, & Recovery)
FOREIGN
DOMESTIC
DOD/NSA (Defense, Prevention, & Overseas Intelligence)
DOJ/FBI
(Detection Investigation, Attribution, & Disruption)
15 UNCLASSIFIED//FOR OFFICIAL USE ONLY
What you can do to combat cyber threats
Information Security Awareness
Insider Threat Detection and Reporting Adversarial Methodologies (recruiting, reconnaissance, data collection) Indicators of Insider Threat Behavior Reporting Procedures for Suspicious Behavior and Events
s
Information Security Awareness
Privacy Awareness Personally Identifiable Information (PII) Work Home
s
Infosec Awareness Topic General and Privileged Users
-‐How do you protect shared data (e.g. encryption, backups) -‐Internal and External threats (e.g. social engineering, insider threats) -‐Information Security Principles -‐How to report an Information Security Incident -‐Password requirements and protection -‐Social Engineering and Personal/Professional Use of Social Media
s
Information Security Awareness General and Privileged Users (cont.) -‐Identity theft -‐Appropriate Internet Use -‐Inventory Control -‐Physical Security -‐Mobile Devices (e.g. laptops, PDAs) -‐Removable Media Devices (e.g., CDs, USB drives) -‐Remote Access -‐Copyright Infringement and Software Piracy -‐Proper Email and instant messenger use
s
Types of Malicious Software & Trends • Advanced Persistent Threats (APT)
Trojans • Viruses • Worms • Spyware • P2P • Unknown senders • Spam • Phishing • Spear Phishing and attachments •
Remember!! Guy’s Rule of Thumb(s): ØThe Right Hire; ØThe Right Policy and Procedures (On Boarding); and ØThe Right individual(s) to check the Right Hire and Right Procedures.
s
How to be a “Good Victim”
INTERNET CRIME COMPLAINT CENTER www.IC3.gov
Cyber Reporting Shared Cyber Task Forces (CTFs)
CyWatch 24/7 Ops Domestic Security Alliance Council (DSAC)
• Focus exclusively on cybersecurity threats • Located in all 56 F BI field offices • FBI’s 24-‐hour command center • Component of National Cyber Task F orce Unit ( NCTFU) • Partnership between the F BI, DHS, and U.S. private commercial sector • More than 200 companies participating
Infragard
• Partnership between F BI and private sector • Information sharing and analysis effort; online portal w ith open registration
National Cyber Investigative Joint Task Force (NCIJTF)
• FBI-‐led alliance of peer agencies to protect national cyber interests • Coordinate, integrate, share, and deconflict
About InfraGard •Each FBI field office has an InfraGard Coordinator
Special Agent acting as point of contact for the local chapter, who recruits and vets new members during the application process. •InfraGard is comprised of local chapters called InfraGard Members Alliances (IMAs), which interact with a field office. •The local chapters report to the national organization called the InfraGard National Members Alliance (INMA). .
https://www.infragard.org
INFORMATION-SHARING & PRIVATE SECTOR The FBI works with local businesses, colleges and universities, research centers, and owners and operators of critical infrastructure to provide them with the information they need to protect themselves from threats. Our private-‐sector and information-‐sharing partnerships include: 4 The FBI’s Counterintelligence Strategic Partnership Program
4The National Cyber Forensics and Training Alliance
4 Business Alliance
4Fusion centers
4 Academic Alliance 4 National and Regional Counterintelligence Working Groups
4The Domestic Security Alliance Council (DSAC)
4 InfraGard
4The National Gang Intelligence Center 4The Criminal Justice Information Services Division (CJIS) in West Virginia
Jackson FBI Any Questions?
Ganester “guy” Walton ganester.walton@leo.gov 251-‐895-‐3634