Suche innerhalb des Archivs / Search the Archive All words Any words

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[] Interview mit Cybercrime-Chef des FBI,

Assistant Director Larry Mefford ist Chef der neuen Cyber Division des

The FBI's cybercrime battle

By Margaret Kane 
Staff Writer, CNET
June 19, 2002, 10:10 AM PT

The FBI was able to nail John Dillinger, but how well would it stack
up against uber-hacker Kevin Mitnick?

Probably not well. Sharply criticized for its lack of technical
know-how, the FBI has taken a pounding after recent reports disclosed
that glitches in the agency's Carnivore online surveillance technology
may have hindered investigations into terrorism threats.

Agents have increasingly complained that the Bureau's outdated
technology has hampered their ability to analyze other threats. But
with the nation's law enforcement agencies turning their attention to
the so-called war on terrorism, the FBI is getting an upgrade.

A recent reorganization placed fighting cybercrime at the top of the
Bureau's priorities. The job of meeting that challenge falls to
Assistant Director Larry Mefford, who heads the Bureau's new Cyber
Division. Mefford, who previously worked in counterterrorism security
planning at the Los Angeles, Atlanta and Salt Lake City Olympics,
served as the Bureau's special agent in charge of the San Francisco
office, where he oversaw all operations, including terrorism and
cybercrime programs.

CNET recently talked with Mefford about his division's role
in the new FBI structure, cybercrime, and the wider war against

Q: Let's talk about your new role. What is the Cyber Division's
mission? What areas is it taking on?

A: The director (FBI chief Robert Mueller) created the Cyber Division
in order to consolidate a historically fragmented approach to
cybercrime. It brings together all of the FBI's responsibilities to
conduct investigations of criminal activity that occur over the
Internet or involve computers or networks. It's the full gamut of what
we refer to as cybercrimes--everything from hacking and
(denial-of-service attacks) to Internet fraud, theft of identity, and
theft of intellectual property. What we're really looking at are those
crimes where computers or networks are either the tools or the targets
of activity.

How big is the department?

A lot depends on homeland security. We're still in the process of
defining everything, but we're looking at a figure of hundreds at the
start-up stage. We'll grow from there.

How will it be managed?

Most of these criminal investigations will be operated out of field
offices around the country. Major intrusion cases are likely to be
managed directly from headquarters. That's a big change for us.  
Historically, field offices have run cases. This is similar to the
concept (being put in place for) terrorism cases. We'll have a similar
approach on major cyberattacks. If we have another (denial-of-service
attack), that's likely to be directed from headquarters. But
intellectual property, fraud, child porn cases will still be managed
at FBI offices around the country. Our role at the Cyber Division will
be to provide support and make sure they're successful. We'll be
helping them connect the dots, as they say now.

Your division and appointment were announced back in April. Last
month, the Bureau announced a major overhaul, and cybersecurity was
listed as the No. 3 priority. How does that affect what you're doing?

Clearly, being prioritized to that degree affects us significantly.  
We're in the process of creating this division from scratch.  
Historically, the responsibilities to address some of the activity
we're talking about were fragmented among many different management
units. It was difficult for the community and the private sector to
interface with us as an organization (because you) had to go to
various points. Clearly, 9/11 had an impact on our reorganization, and
one area was an initiative to improve the efficiency of operations.

We also have a function to provide protection against
counterintelligence and terrorism threats against the U.S. If there
were a foreign government attack or a terrorist attack against
computer networks, the Cyber Division would have a role in
investigating or supporting other FBI entities that have a primary
role in (investigating those crimes). We would help the terrorism guys
and the people doing counterintelligence or espionage.

And how is that working out in terms of your focus?

The vast majority of our effort is focused on illegal criminal
activity. In the past, it was very difficult to find any quantifiable
data on the extent of the activity. As part of the Cyber Division,
we've incorporated the FBI's Internet Fraud Complaint Center (part of
the National White Collar Crime Center), which serves as a conduit to
solicit complaints regarding Internet crime. It started (looking at)  
fraud, and we're going to expand to other types of crime. That data
will be analyzed and distributed to the FBI and to local authorities.

The focus there has been on Internet fraud and thefts facilitated by
the Internet. We'll be looking at intellectual property violations,
economic espionage, theft of trade secrets, and also
technology-related crimes, such as counterfeiting of software. As we
gear up operations and gain more expertise in the future, we'll be
able to do a better job in providing service to the U.S. public.

How important is industry input, both in preventing crime and solving

The relationship with the private sector in the technology arena is
critical for us as an agency. It's very difficult for us--because of
expenses and other issues--to stay up with the technology. We need to
link arms and join forces with private industry, so we can use their
expertise and capability for the benefit of the American public, if we

Can you talk about your progress in realizing that plan?

We're in the process of creating cybercrime squads throughout the U.S.  
in FBI field offices. In this calendar year, we'd like to create 20 of
these squads and concurrently, form cyber task forces, modeled after
terrorism task forces, where we join forces with local law enforcement
agencies, private industry and occasionally academia, to attack
cybercrime. We're allowed to leverage our capabilities and, at the
same time, more efficiently spend training money.

These will be permanent task forces assigned to different regions
throughout the country to focus on cyber-related criminal activity as
well as terrorism. If we have evidence of a national security issue,
these squads that we're trying to form will assist other FBI entities
in mitigating and preventing those types of attacks. In the area of
criminal activity, what we hope to do is provide enhanced prosecution
and work closer with different U.S. attorneys' offices across the

In the past, many companies have been reluctant to come forward when
they were hacked. Has that attitude changed? How do you persuade
people to bring things out in the open?

We have a system in place. Today, the National Infrastructure
Protection Center has responsibility inside the FBI for handling all
the computer-intrusion cases. It's part of the Cyber Division. We've
created internal safeguards to protect companies. Let's say a company
comes forward and they have sensitive data they want to share, but
they don't want to seek prosecution; they can do that. All the
protocols created at NIPC will stay in the Cyber Division.

The White House has proposed moving the NIPC to the new Department of
Homeland Security.

We're working with the administration to make an orderly transfer of
the NIPC to the new agency. If Congress creates enabling legislation,
we will make sure NIPC info is efficiently transferred to the new
agency, and the FBI will provide people on a detail basis. NIPC
handles only intrusion cases. As for other cybercrime, the new agency
will not have any other impact.

Can you give some examples of how technology helps you fight crime?

Certainly, analytical tools allow us to conduct the analysis and
intelligence far better than we have before...In the area of technical
tools, for example, we're looking at undercover operations the FBI has
been operating for years wherein individuals preying on children
(online) can be identified. We're looking at techniques to identify
them at an early stage.

How much of a priority is cracking down on criminal copyright
violations? What areas are the most likely targets--music, movies,

That's a challenging and complicated issue, but the fundamental fact
is that intellectual property rights will be a high priority. The U.S.  
business community needs that information to compete worldwide. If you
have technology stolen or pirated and a competitor or criminal can
replicate software, for instance, at very little charge, the American
public and U.S. companies deserve the protection.

One of the things we're doing is enhancing our participation with
customers at the (intellectual property rights) center as a focal
point to receive complaints regarding those types of violations. We're
going to look at doing more aggressive undercover operations in the
area of counterfeiting software. We can improve our capability to
prosecute criminals. Unfortunately, many are overseas. So one thing
we'll do is work very closely with certain federal governments and
develop ongoing relationships with certain foreign police agencies.

What about software counterfeiting?

Clearly, illegal counterfeiting of software is a problem.  
(Organizations that do that are) not only negatively affecting the
marketplace. Even though the public may get products at a lower price,
the reliability is suspect, and the warranty is suspect. We think we
can help protect the public by joining forces with other agencies,
like Customs, and working to help avoid counterfeiting of software.

What about piracy of music and movies?

We need to look at that. There are a lot of challenges based on the
fact that (technology) is creating completely new concepts in the
legal field. We're working with the Justice Department at the U.S.  
attorneys' offices across country.

Liste verlassen: 
Mail an infowar -
 de-request -!
- infopeace -
 de mit "unsubscribe" im Text.