Americans should be skeptical about government authority and keep a firm grip on the civil liberties of a democratic society, said FBI Director James Comey during a keynote address at RSA Conference 2014
But Comey also said the federal government, with help from the private sector, must use every tool within reason to track down state sponsored hackers, hackers for hire, organized crime syndicates and terrorists. Comey told thousands of attendees that the FBI is working to improve its capabilities to provide actionable threat intelligence information to breach victims. He also said the agency is building out a threat sharing database internally to analyze malware and indicators of compromises and plans to roll out a unclassified version that can be used by the private sector.
“Everyone in this country should be suspicious of government power,” Comey said. “We all have to make sure that everyone involved understands why we use the tools we use and how we use them.”
Comey, who was appointed to the position last September, gave the address Wednesday afternoon at the industry’s largest security conference, which has been overshadowed by the fallout from National Security Agency leaks that revealed an extensive surveillance program conducted by the intelligence community, including probes conducted by FBI investigators. A day before, Art Coviello, executive chairman of RSA, the Security Division of EMC Corp., addressed allegations from the leaked NSA documents that the company accepted $10 million from the NSA to support a controversial encryption algorithm by default in its encryption implementation toolkit.
Comey said the intelligence community needs to conduct electronic surveillance. But he also said a discussion needs to take place about how to protect Americans from attacks without trampling on individual liberties.
Getting a handle on the biggest and most dangerous botnets, state-sponsored hackers and gloabal cyber syndicates are a top priority across the government, Comey said. But the FBI and other agencies are out-manned and need the support of the private sector and state and local authorities, Comey said. FBI agents are working with state and local officials to provide training to triage local cyber matters, he said.
Comey acknowledged that that information sharing is a complex and difficult matter that often involves legal teams and discussions about liability and the extent of the government’s visibility into corporate systems.
“We have to share information as much as we can and as quickly as we can and in the most usable format so you can do something about it,” Comey said. “Our goal is to be surgical and precise about what we’re looking for. We want to work with you to figure out what happened and who did it and how you can do better to protect yourself and your sensitive data.”
Comey said the federal government continues to have no unified reporting system and confusion remains about what agency is responsible for cybercrime. The FBI will do its best job navigating the bureaucracy for the private sector, he said.
The federal government, meanwhile, is building out an automated intrusion system through which agencies communicate in real time with critical infrastructure providers. A malware repository called Binary Analysis, Characterization and Storage System, or BACSS, paints a clearer picture of cyber threats. An unclassified version called "Malware Investigator" will be available to the public, so businesses that have been breached can send malware into the system and get a report back that will provide useful information for incident response teams, Comey said