We’re Not Going to Beat Cybercrime in Our Lifetime Says Ex-FBI Cyber Chief

A former director of the FBI’s crime and cybercrime response unit has warned that the problems of hacking and cybercrime will not be solved in our lifetimes, but we that we owe it to future generations to avoid completely mismanaging the issue to make it worse to deal with in years to come.

Shawn Henry spent 24 years at the FBI where he rose through the ranks to oversee all of the Bureau’s criminal and cyber investigations across the globe before retiring from the organisation in 2012.

But despite boosting the FBI’s computer crime investigative capabilities and taking part in numerous successful investigations into denial-of-service attacks, the major bank and corporate breaches, and nation-state sponsored intrusions, Henry believes that cybercriminals aren’t going to be disappearing any time soon.

“We’re not going to solve it, folks, not in our lifetime, but we have to constantly manage it,” he said, speaking at IP EXPO 2016 in his post-FBI role as president of cybersecurity firm Crowdstrike.

Indeed, cases such as the OPM Hack, which saw attackers steal personnel files of 4.2 million former and current government employees and security clearance background investigative information on 21.5 million people, or the recently disclosed Yahoo data breach appear to demonstrate that we have a long, long way to go before cybercrime is a thing of the past, especially as cybercriminal gangs are becoming ever more professional.

That doesn’t mean we should give up; for Henry, ignoring the issue is a disservice to those who’ll need to fight it in future.

“Our inability to manage it is going to result in failure and it’s not just a failure for your company or for you, it’s failure for future generations,” he says, arguing the only way to fix it is “with the right people executing the right plans an demonstrating leadership” and to proactively hunt down any cybercriminals that may in your network rather than waiting for them to give themselves away.

Rather than an organisation sitting back and waiting to see if it’s attacked, Henry argues that cybersecurity professionals should be constantly examining their own network looking for indicators of attack because “If we’re not out constantly hunting for the adversaries they’re hunting us”.

The FBI has also taken that approach to detect cybercrime and Henry urged organisations to follow suit in order to have the best chance of identifying intruders on their network.

“By being proactive in the hunting and seeing the adversaries as they place their infrastructure and disrupting it. Not after we’ve been gigabytes of data being sent off the network, but identifying that before they can take action and impact negatively on the organisation,” he says.

The FBI is very much practising what it preaches and Arlette Hart, chief information security officer at the FBI, recently outlined the agency’s approach to insider security to ensure employees don’t become malicious threats.