DEARBORN — If you’re worried about cybertheft of your trade secrets and you don’t think your management is taking it seriously enough, Tom Winterhalter says he’ll be happy to “come in and scare your boss.”
Winterhalter, FBI cybercrime division supervisory special agent in Detroit, gave a sobering assessment of the cybercrime environment Thursday at Secureworld Expo Detroit.
“You are one click from compromising your network,” Winterhalter warned, saying that the FBI is working 200 data breach cases in its Detroit office alone.
Increasingly, he said, the traditional distinction between national security and criminal matters is blurring, as terrorists commit crimes sponsored by nation-states to finance their activities.
Winterhalter said the FBI’s Cyber Division has a new and sharper focus on cyber-intrusion, because it’s been relieved of investigating crimes like online child exploitation or online consumer scams — as the Internet becomes more a part of daily life, he said, those investigations have been moved to the FBI’s regular crime units.
As for intrusions, Winterhalter said, “Espionage used to be spy vs. spy. Now there’s a big shift to industrial control systems … The Cold War is not over. It has merely moved into a new arena, the global marketplace.”
He said that “seemingly innocent business relationships between foreign companies and U.S. industries” can result in the theft of trade secrets through everything from cyber-intrusion to recruitment of disgruntled employees.
The bad guys, he said, range from nation states to mercenaries for hire to rogue hackers to transnational criminal syndicates. The goodies at risk range from research results to product technology to negotiation strategy.
Businesses and institutions also face threats from “hacktivism” should they run afoul of Anonymous or other hacker groups.
What the FBI won’t do, Winterhalter said, is “take over your systems, repair your systems, share proprietary information with competitors, provide investigation related information to the media or shareholders, or tell you which one’s a great (security) appliance and which one sucks.”
Winterhalter also said the FBI is ready to train local law enforcement in cybercrime, and is “looking to work more with academia, especially public institutions,” to keep sensitive information safe.
Above all, Winterhalter urged those in attendance to take their security very seriously, and to report it to the FBI’s Internet crimes complaint center, www.ic3.gov. While victims must be identified as such when chages are filed against the information thief, Winterhalter pledged that there “will never be a leak of company insider information.”
Later speakers at Secure World, which drew nearly 700 attendees over its two days, reinforced Winterhalter’s message.
Shane Harsch, a senior solutions principal at RSA, told a luncheon keynote audience that today’s network security threat is “not a single attack, it’s a constant pounding at the gates.”
He said a study from the Traverse City-based Ponemon Institute found a 44 percent increase in network breach incidents from 2010 to 2011, along with an increase in sophistication of adversaries and more acute targeting of commercial sectors and government supply chain providers.
Social media also provide new vectors for intrusion, Harsch said.