FBI wants businesses' help to fight cybercrime
FBI director asks private sector for its expertise as part of agency's struggle against ID theft and other crimes. Mueller looks to businesses
"Those of you in the private sector are our first line of defense," Mueller said Wednesday, during a speech to attendees of the RSA Conference 2006 here. "We recognize that in certain areas we lack the expertise that you possess. We lack the specific knowledge of threats that affect individual businesses every day."
The advent of the information age has made the world smaller and smarter, but the threats have become equally more diverse and dangerous, Mueller said. "We need your help, and we continue to ask for your cooperation," he said.
Information technology has become a "force multiplier for criminals," with threats including online fraud, identity theft and botnets, Mueller said. "It is not easy for law enforcement and private industry alike to stay ahead of the curve when it comes to these ever-evolving threats."
Dealing with viruses, spyware, PC theft and other computer-related crimes costs U.S. businesses a staggering $67.2 billion a year, the FBI found in a study released last month.
The FBI has taken steps to improve its own abilities to investigate cybercrime. Four years ago, it created its own Cyber Division, and the agency has set up specially trained cybersquads across the U.S.
The bureau has several initiatives to work with private businesses, such as its InfraGard program, which has about 3,000 members. These efforts have helped identify new attacks and track down attackers, Mueller said. For example, in collaboration with Microsoft, the FBI found the alleged creators of the Mytob and Zotob worms.
"Through these public and private alliances, we are moving from rhetoric to reality and improving our ability to confront criminal and terrorist threats to our national infrastructure," Mueller said.
Still, there has been some apprehension in working with law enforcement, especially when it comes to reporting cybercrime.
"Most companies that experience computer intrusions or breaches of security do not report the incidents to law enforcement," Mueller said. That may be because they fear negative publicity or the loss of a competitive advantage, he said.
The FBI is conscious of that fear. "We certainly do not want you to be victimized a second time by our investigation," Mueller said.