Professional Documents
Culture Documents
Terrorists’
Activity
In Cyberspace
Why would our critical infrastructures be
targeted for attack?
National Security
– Reduce the U.S.’s ability to protect its interests
Public Welfare
– Erode confidence in critical services and the
government
Economic Strength
– Damage economic systems
New Risks and Threats
Globalization of infrastructures increases level of vulnerability
Easy access to infrastructures via Internet and Public Switched
Telecommunications Network
Interdependencies of systems make attack consequences harder
to predict and perhaps more severe due to the cascading effects
Malicious tools and recipes for new cyber weapons are widely
available and do not require a high degree of technical skill to use
Countless players with malicious intent
New cyber threats outpace defensive measures
Vulnerability Types
Computer based
– Poor passwords
– Lack of appropriate firewall protection
Network based
– Unprotected or unnecessarily open entry points
Personnel based
– Temporary/Staff firings
– Disgruntled personnel
– Lack of training
Facility based
– Servers in unprotected areas
– Inadequate physical security measures
Terrorist Groups
Terrorists
Attention must be paid to studying the terrorists:
– Ideology
– History
– Motivation
– Capabilities
The Future of Terrorism
Terrorism is carried out by disrupting activities, undermining
confidence, and creating fear.
In the future, cyberterrorism may become a viable option to
traditional physical acts of violence due to:
– Anonymity
– Diverse targets
– Low risk of detection
– Low risk of personnel injury
– Low investment
– Operate from nearly any location
– Few resources are needed
Terrorist Use Information Technology
Planning
Member Recruitment
Research
Espionage
Propaganda Dissemination
Terrorism
Hacktivism
Hacktivism is hacking with a cause and is
concerned with influencing opinions on a specific
issue.
To
Cultivate a Threat-Predicated Intelligence
Base Focused on Preventive Efforts
– STATUS
• Accepted Responsibility to Conduct Tactical Analytical
Support of All Digital Evidence obtained through FBI
Investigative Efforts (the link between the Case Agent and
the CART Examiner)
• Cyber Intelligence Center
Cyber Division
FBI Headquarters
Assistant Director
Department of Homeland
Special Assistant Security Transition
Special Technologies
And Applications Section
Cyber Investigations Branch
D e p u ty A s s is ta n t
D ir e c to r
C y b e r In v e s tig a tio n s
B ra n ch
C y b e r C rim e C o m p u te r In tr u s io n S p e c ia l T e c h n o lo g ie s a n d O u t r e a c h , C a p a b i li t y a n d O p e r a tio n a l S u p p o rt
S e c tio n S e c tio n A p p lic a tio n s S e c tio n D e v e lo p m e n t S e c tio n S ta ff
In te rn e t F ra u d C o u n te r te r r o r is m S p e c ia l T e c h n o lo g ie s C y b e r T a s k F o rce
C o m p la in t C e n te r C o u n t e r i n g e lli g e n c e R e s e a rc h & S u p p o r t U n it
C o m p u te r In tr u s io n D e v e l o p m e n t U n it
U n it
In te rn e t F ra u d C y b e r O p e r a tio n s In te r n a tio n a l
U n it D e p lo y m e n t U n it In v e s tig a tio n s S u p p o rt
U n it
Cyber Division
FBI Field Offices
Three types of cyber squads (dependent on
staffing levels and other factors)
– “Computer Intrusion Squads”
– “ Cyber Crime Squads”
– Consolidated “Cyber Squads”
Cyber Task Forces
Atlanta Miami
Baltimore Minneapolis - USSS
Boston New Haven
Charlotte
New York
Pittsburgh
Chicago
Portland
Columbia - USSS San Antonio
Dallas San Diego
Denver San Francisco
Kansas City Seattle
Las Vegas Washington Field Office
Los Angeles - USSS
Cyber Division
Initiatives
Cyber Task Forces
Public/Private Alliances
International Cyber Investigative Support
Mobile Cyber Assistance Teams
Cyber Action Teams
Cyber Investigators Training
Cyber Intelligence Center
Cyber Tactical Analytical Case Support
Cyber Division
Federal Bureau of Investigation
Room 5863
935 Pennsylvania Avenue, NW
Washington, DC 20535
Harold M. Hendershot
Chief
Computer Intrusion Section
hhendershot@fbi.gov
(202) 324-0301