Embed Size (px)
DESCRIPTION
Â
Citation preview
FBI Cyber OutreachMontreat Collage
Cyber Awareness Conference 31 October 2015
FBI Cyber OutreachMontreat Collage
Cyber Awareness Conference 31 October 2015
Ganester “guy” [email protected]‐895-‐3634
The Cyber Threat
2
“It’s now clear this cyber threat is one of the most serious economic and national security challenges we face as a nation.” “America's economic prosperity in the 21st century will depend on cybersecurity.”
— President Obama
3
Why are we here?
SSA Robert Hanssen-‐ Spied for Russia Arrested 2001.
Contract Linguist Shamai Leibowitz-‐Provided classified docs to a blogger Sentenced 2010.
(Really)
The Cyber Threat, cont’d
4
“The threat is so dire that cyber security has topped Director of National Intelligence Jim Clapper’s list of
global threats for the second consecutive year, surpassing both terrorism and espionage – even the threat posed by weapons of mass destruction.”
— FBI Director ComeyFebruary 26, 2014
Agenda
• FBI Overview • Combat cyber threats targeting the US• How to be a “good victim”
AgendaCharlotte Division
Special Agent in ChargeJohn A. Strong
DO YOU REALLY WANT TO MESS WITHFBI CYBER?
FBI Cyber MissionTo proactively protect the United States against:
1) Cyber Terrorist attack2) Cyber Foreign intelligence
operations and espionage3) Cyber-‐base attacks and high
technology crimes
Cyber Operations and Outreach Mission
The FBI Cyber Division (CyD) will, through its Cyber Operations and Outreach Section, conduct targeted outreach to the public & private
sectors to facilitate proactive national security operations and criminal investigations through information sharing, and elevated
awareness of FBI capabilities.
OVERVIEW
FBI MISSION STATEMENT
Our motto is:“Fidelity, Bravery, and Integrity”
Our mission is to protect and defend the United States against terrorist and foreign intelligence threats, to uphold and enforce the criminal laws of the United States, and to provide leadership and criminal justice services to federal, state, municipal, and international agencies and partners.
11U//FOUO
FBIHQOperational Divisions
CounterterrorismCounterterrorism CounterintelligenceCounterintelligence Criminal InvestigativeCriminal InvestigativeCyberCyber
FBIField Offices
FBIInternational Offices -‐LEGATs
CYBERSECURITY RESPONSIBILITES
DHS(Protection, Prevention, Mitigation, & Recovery)
DOMESTIC
FOREIGN
DOJ/FBI(Detection Investigation, Attribution, & Disruption)
DOD/NSA(Defense, Prevention, & Overseas Intelligence)
15UNCLASSIFIED//FOR OFFICIAL USE ONLY
What you can do to combat cyber threats
Information Security AwarenessInformation Security Awareness
s
Insider Threat Detection and Reporting Adversarial Methodologies (recruiting, reconnaissance, data collection) Indicators of Insider Threat Behavior Reporting Procedures for Suspicious Behavior and Events
Information Security AwarenessInformation Security Awareness
s
Privacy AwarenessPersonally Identifiable Information (PII)
WorkHome
Infosec Awareness TopicInfosec Awareness Topic
s
General and Privileged Users-‐How do you protect shared data (e.g. encryption, backups)-‐Internal and External threats (e.g. social engineering, insider threats)-‐Information Security Principles-‐How to report an Information Security Incident-‐Password requirements and protection-‐Social Engineering and Personal/Professional Use of Social Media
Information Security AwarenessInformation Security Awareness
s
General and Privileged Users (cont.)-‐Identity theft-‐Appropriate Internet Use-‐Inventory Control-‐Physical Security-‐Mobile Devices (e.g. laptops, PDAs)-‐Removable Media Devices (e.g., CDs, USB drives)-‐Remote Access-‐Copyright Infringement and Software Piracy-‐Proper Email and instant messenger use
Types of Malicious Software & Trends
• Advanced Persistent Threats (APT)• Trojans• Viruses• Worms• Spyware• P2P• Unknown senders• Spam• Phishing• Spear Phishing and attachments
Remember!!Remember!!
s
Guy’s Rule of Thumb(s): ØThe Right Hire;
ØThe Right Policy and Procedures (On Boarding); and
ØThe Right individual(s) to check the Right Hire and Right Procedures.
How to be a “Good Victim”
INTERNET CRIME COMPLAINT CENTER
www.IC3.gov
Cyber Reporting SharedCyber Reporting Shared
• Focus exclusively on cybersecurity threats• Located in all 56 FBI field offices
Cyber Task Forces (CTFs)Cyber Task Forces (CTFs)
• FBI’s 24-‐hour command center • Component of National Cyber Task Force Unit (NCTFU)CyWatch 24/7 OpsCyWatch 24/7 Ops
• Partnership between the FBI, DHS, and U.S. private commercial sector
• More than 200 companies participating
Domestic Security Alliance Council (DSAC)
Domestic Security Alliance Council (DSAC)
• Partnership between FBI and private sector• Information sharing and analysis effort; online portal with open registration
InfragardInfragard
• FBI-‐led alliance of peer agencies to protect national cyber interests
• Coordinate, integrate, share, and deconflict
National Cyber Investigative Joint Task Force (NCIJTF)
National Cyber Investigative Joint Task Force (NCIJTF)
About InfraGardAbout InfraGard
•Each FBI field office has an InfraGard Coordinator Special Agent acting as point of contact for the local chapter, who recruits and vets new members during the application process.•InfraGard is comprised of local chapters called InfraGard Members Alliances (IMAs), which interact with a field office.•The local chapters report to the national organization called the InfraGard National Members Alliance (INMA)..
https://www.infragard.org
INFORMATION-SHARING & PRIVATE SECTOR
The FBI works with local businesses, colleges and universities, research centers, and owners and operators of critical infrastructure to provide them with the information they need to protect themselves from threats.
Our private-‐sector and information-‐sharing partnerships include:
4 The FBI’s Counterintelligence Strategic Partnership Program
4 Business Alliance4 Academic Alliance4 National and Regional
Counterintelligence Working Groups
4 InfraGard
4The National Cyber Forensics and Training Alliance
4Fusion centers4The Domestic Security Alliance Council
(DSAC)4The National Gang Intelligence Center4The Criminal Justice Information Services
Division (CJIS) in West Virginia
