The Federal Bureau of Investigation (FBI) says it is losing the war against hackers. Shawn Henry, an FBI executive assistant director who is preparing to leave the organization after working for more than two decades with the bureau, says that the U.S. is not keeping up with hackers. Thousands of individuals and groups around the world are taking aim at businesses and government websites, including those in the U.S., and Henry says "we're not winning."
"I don't see how we ever come out of this without changes in technology or changes in behavior, because with the status quo, it's an unsustainable model," Henry told The Wall Street Journal. "Unsustainable in that you never get ahead, never become secure, never have a reasonable expectation of privacy or security."
Furthermore, Henry said FBI agents are increasingly coming across data stolen from companies whose executives had no idea their systems had been breached (see 63% of website owners don't know how they were hacked). "We have found their data in the middle of other investigations,'' Henry told the WSJ. "They are shocked and, in many cases, they've been breached for many months, in some cases years, which means that an adversary had full visibility into everything occurring on that network, potentially.''
Henry's comments follow a statement made by Richard Clarke, a former cybersecurity and cyberterrorism advisor for the White House. He said every major U.S. company has been infiltrated by hackers employed by the Chinese government to steal R&D.
Although the number of hackers arrested around the world seems to be growing, the attacks keep coming. For example, earlier this week hacktivist group LulzSec hacked MilitarySingles.com and exposed 170,937 accounts belonging to U.S. military members looking for a date, and then hacked communications technology firm CSS Corp and publicly posted the company's entire e-mail database (66 files in total).
The main reason the FBI can't keep up is because the organization is outnumbered. Not only are there too many hackers around the world, but there are also way too many points of entry given all the companies and government agencies the FBI is interested in protecting.
- Hacktivists stole 100 million records in 2011
- Richard Clarke: China has hacked every major US company
- LulzSec hacks Military Singles
- LulzSec hacks CSS Corp
- Anonymous hacks Panda Security in response to LulzSec arrests
- NASA: Hackers had 'full functional control'