FBI says more cooperation with banks key to probe of cyber attacks
Mon May 13, 2013 6:34pm EDT
By Joseph Menn
WASHINGTON (Reuters) - The FBI last month gave temporary security clearances to scores of U.S. bank executives to brief them on the investigation into the cyber attacks that have repeatedly disrupted online banking websites for most of a year.
Bank security officers and others were brought to more than 40 field offices around the country to join a classified video conference on "who was behind the keyboards," Federal Bureau of Investigation Executive Assistant Director Richard McFeely told the Reuters Cybersecurity Summit on Monday.
The extraordinary clearances, from an agency famed for being close-mouthed even among other law enforcement agencies, reflect some action after years of talk about the need for increased cooperation between the public and private sectors on cybersecurity.
The attacks, which have been ascribed by U.S. intelligence officials to Iran, are seen as among the most serious against U.S. entities in recent years. McFeely declined to discuss details of the investigation, including what the banks had been told and whether Iran was behind the attacks.
Banks have spent millions of dollars to get back online and make sure they can stay online. JP Morgan Chase & Co, Bank of America, Wells Fargo, Citigroup and others have been affected.
McFeely said the one-day secrecy clearances are part of a broader effort by the FBI to communicate more with victims of cybercrime, some of whom feel that cooperating with federal authorities carries too much risk of exposure to investor and media scrutiny.
A February executive order from President Barack Obama called for expedited security clearances.
McFeely, who began overseeing FBI cyber and criminal cases last year, said the agency was changing its approach after being "terrible" in the past about keeping targeted companies informed of progress in investigations.
"That's 180 degrees from where we are now," McFeely said at the summit, held at the Reuters office in Washington.
The FBI is working harder at securing international help in combating cybercrime and sabotage, but also needs dramatic gestures, such as espionage arrests of hackers from rival countries, to convince U.S. companies to be more open about their losses, he said.
On the international front, the FBI and Department of Homeland Security have notified 129 other countries about 130,000 Internet protocol addresses that have been used in the banking attacks.
Many of the computers involved in the attacks were infected by viruses before being directed to attack banking websites, and the bulletins have helped other countries to clean some of the computers, FBI officials said.
National Security Agency Director Keith Alexander and other officials have said that the massive theft of intellectual property by China and other countries amounts to the largest transfer of wealth in history. Individual companies, however, have rarely admitted material losses.
McFeely said that part of the problem was that companies have been frustrated at the extreme rarity of overseas arrests or other signs of tangible progress in nascent international talks over the issue. Even some defense contractors contacted by the FBI after breaches are reluctant to share information with agents, he said.
But McFeely said that some indictments have been issued under seal and that arrests would follow, perhaps when hackers identified by name travel outside their home countries.
"The first time we bring someone in from out of the country in handcuffs, that's going to be a big deal," McFeely said.
(Follow Reuters Summits on Twitter @Reuters_Summits)
(Reporting by Joseph Menn; additional reporting by Andrea Shalal-Esa and Jim Finkle; editing by Jackie Frank)