FBI agents offered advice on responding to insider threats and cyber breaches at the monthly meeting of the CIO/CEO Cybersecurity Forum.
The prevalence of insider threats “is definitely growing,” said Gina Osborn, FBI assistant special agent in charge of cyber and computer forensics. However, providing training to combat this type of threat is expensive.
“The federal government is trying very hard to bring the expertise to local police departments so they can work these cases. Lots of police departments are wanting to get on track, but it costs money for training.”
Companies can often detect when outsiders try to access company data, however employees with legitimate access are more difficult to spot. Employees who are disgruntled, work odd hours, and have unexplained affluence or frequent foreign travel fit the typical profile of an insider stealing for personal gain or stealing company information or products to benefit another organization or country.
Osborn and her colleague Terry Reed Jr., supervisory special agent with the FBI’s San Diego Division, were guest speakers at the March meeting of the Cybersecurity Forum, a group that College of Engineering Dean Forouzan Golshani organized to create greater awareness of cybercrime. The forum is comprised of government, private-industry, and CSULB faculty with an interest in cybersecurity.
Ransomware is another area of growing concern. “If a company hasn’t done a good job of backing up their data, they may have to pay a ransom. “It can be a business decision. The reality is that ransomware is very pervasive,” Reed said.
The group spoke at length about what keeps them up at night. Reed said what keeps him up at night is the Dark Web, where you can buy and sell malware, data, and guns, and arrange murders for hire—all paid for with virtually untraceable virtual currency.
“We can spend a lot of time and money trying to track a transaction and get nowhere,” said Reed. “It’s the anonymous currency of choice for the bad guys.”
The Internet of Things is another area of concern. “Everything’s connected to the Internet, from your pacemaker to your garbage can,” said Reed.
Osborn and Reed talked about what companies or government agencies can expect when they report a cybercrime to the FBI. The FBI, accompanied by technical experts and forensic investigators, will want to examine DNS logs and begin the process of preserving evidence.