US agencies making progress on cybercrime, officials say

But criminals continue to target U.S. businesses, with the FBI currently investigating 400 wire transfer cases

U.S. government agencies are getting better at sharing information about cyberattacks with private companies, but cybercrime shows no signs of slowing down, cybersecurity experts told lawmakers Wednesday.

The U.S. Secret Service, the Federal Bureau of Investigation and the Department of Homeland Security work closely together to combat cybercrime, witnesses from the three organizations told a subcommittee of the House of Representatives Financial Services Committee. But criminals are taking advantage of the growing amount of personal information online and the ability to share attack tools and strategies over the Internet, said A.T. Smith, assistant director of the Secret Service.

"The Secret Service has observed a marked increase in the quality, quantity and complexity of cybercrimes targeting private industry and critical infrastructure," he said.

The FBI is currently investigating more than 400 cases involving unauthorized wire transfers from bank accounts of U.S. businesses, said Gordon Snow, the assistant director there. Those 400 cases involved the attempted theft of US$255 million, with actual losses of $85 million, and the cases involving the takeover of accounts represent just one type of attack against financial systems, he said.

Snow also listed recent examples of payment processor breaches, stock trading fraud, ATM skimming, mobile banking attacks and other schemes targeting the U.S. financial system. Cybercriminals' capabilities are at "an all-time high," although combating cybercrime is a top priority for the FBI and other agencies, he said.

The annual cost of cybercrime is about $388 billion, including money and time lost, said Brian Tillett, chief security strategist at Symantec. That's about $100 billion more than the global black market trade in heroin, cocaine and marijuana combined, he said.

The financial services industry, the focus of Wednesday's hearing, is a top target for cybercriminals, Tillett said, but he also praised cybersecurity efforts there.

"The financial services industry generally, has been ahead of the curve on cybersecurity, recognizing the importance of these issues long before they were common in daily headlines," he said. "Thus, the need for action is not so much an issue of additional legislation or regulation, but rather an issue of responding to evolving threats by implementing mitigation and protection measures."

Subcommittee Chairwoman Shelley Moore Capito asked if the DHS and other agencies were sharing information about cyberattacks with each other and with private companies.

Employees of private companies with security clearances now have access to the DHS National Cybersecurity and Communications Integration Center (NCCIC), which coordinates cyberincident response efforts within the U.S. government, said Greg Schaffer, acting deputy under secretary at the DHS. U.S. agencies have also provided assistance to the financial services industry during cyberattacks, he said.

"We are in a better place today, in terms of information sharing, than we've been in the 15 to 17 years I've been in this space," Schaffer said. "We have certainly made a lot of progress."

Snow agreed, but said the sharing still needs to happen faster. If government officials wait to exchange information face-to-face, it's often too late to stop a threat, he added.

"We go from manual speed to network speed," Snow said. "This threat comes at us in nanoseconds."

Representative Steve Pearce, a New Mexico Republican, asked what percentage of cybercrime reports are prosecuted and what percentage result in a conviction. Snow and Smith said they didn't have that information immediately available.

The Secret Service made about 1,200 cybercrime-related arrests last year, resulting in the prevention of about $7 billion in losses, Smith said.

Pearce asked how often the three agencies representatives have met about cybersecurity issues. Snow said he's met with Smith and Schaffer more than 150 times. "Sometimes we have meetings even when we don't want to have meetings," he said.

Pearce also asked the agency officials about the percentage of cybercrime that goes undetected by government investigators. The problem may be much worse than statistics show, he said. "How many attacks are coming in that we don't even know about?" Pearce said.

That's difficult to judge, because there's no law requiring private companies to report most types of cybercrime, Schaffer said. "We know what we know about," he said.

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is grant_gross@idg.com.

Join the PC World newsletter!

Error: Please check your email address.

Tags U.S. Federal Bureau of InvestigationU.S. Department of Homeland SecurityGreg SchafferfinanceIdentity fraud / theftindustry verticalslegislationSteve PearcefraudA.T. SmithintrusionsymantecShelley Moore CapitosecurityU.S. House of RepresentativesU.S. Secret ServicegovernmentBrian TillettGordon Snow

Struggling for Christmas presents this year? Check out our Christmas Gift Guide for some top tech suggestions and more.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Grant Gross

IDG News Service

Most Popular Reviews

Follow Us

Best Deals on GoodGearGuide

Shopping.com

Latest News Articles

Resources

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Latest Jobs

Shopping.com

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?