back to article Foreign intelligence agencies are biggest online threat, ex-Fed warns

Former FBI executive assistant director Shawn Henry has warned that the biggest threat online comes not from terrorists or hackers, but from foreign intelligence organizations looking to steal intellectual property. "The threat from computer attack is the most significant threat we face as a society, other than a weapon of …

COMMENTS

This topic is closed for new posts.
  1. IT Hack
    Pint

    Can't help but wonder if in fact the issue lies in management not listening to staffers on how to provide secure compute environments.

    Certainly the mantra that there is no such thing as 100% security is valid, however nearly every infosec professional I know and talk to is focused on reducing security risks as much as possible.

    Of course given that most exec's have the attention span of a gnats arsehole when it comes to technical issues I can see why this is.

    Pint coz it dulls the pain.

    1. Dodgy Geezer Silver badge
      Coat

      Of course!

      "...nearly every infosec professional I know and talk to is focused on reducing security risks as much as possible..."

      Yes. That's because infosec professionals get PAID by reducing security risks. If they got paid by balancing risks very precisely, you would see a lot more risk balancing....

      OK, now I'll leave the pub and go back to my job as an infosec professional...

  2. Blain Hamon
    Coat

    Quite right!

    And for the rest of the world, the US is the largest foreign intelligence agency around!

    Mine's the one with the stuxnet USB drive in the pocket.

  3. Archimedes_Circle
    FAIL

    Misread that as French, not foreign. That was no hell of a double take.

  4. Destroy All Monsters Silver badge
    Big Brother

    "The intelligence community had heard of Osama bin Laden for years, but it wasn't until the world watched the planes hitting the buildings that the threat was taken seriously."

    Looks like the memory hole sucked up the remembrance of the FIRST bombing of WTC. Same guys. Flagged up by Able Danger. Dossier went to the shredder for bureaucratic arse covering, IIRC.

  5. Anonymous Coward
    Anonymous Coward

    Lol i knew the usa couldnt get high up on tech without theft, they always needed foreigners information, from tesla to von braun, why should computer technology be any different. have fun mongrels, you will loose in the end because nobody smart since tesla's era thinks america is a good place.

    1. The Baron
      Happy

      Nobody smart spells "lose" as "loose" either.

  6. Anonymous Coward
    Anonymous Coward

    >"The threat from computer attack is the most significant threat we face as a society, other than"

    Answer #1:

    ... something that could actually physically hurt us.

    Answer #2:

    ... something that results in my company being cut off from free government pork.

  7. Anonymous Coward
    Anonymous Coward

    >"a company had lost a billion dollars of intellectual property in a weekend"

    How do we know this isn't just a bunch of liars who claimed to have invented the rectangle and completely made up a lie that that's worth a billion dollars? It's not like we can trust any of these fraudsters any better than we can trust foreign spies.

    1. h4rm0ny

      Re: >"a company had lost a billion dollars of intellectual property in a weekend"

      "How do we know this isn't just a bunch of liars who claimed to have invented the rectangle and completely made up a lie that that's worth a billion dollars"

      Whilst obviously there are stupid patents and people who lie about, it does happen that these sorts of losses occur. When you get a Chinese company going from nothing to building cars comparable to American or Japanese companies in five years... Well that just doesn't happen through good R&D. It comes about through wholesale copying of other company's work.

      1. Dave Bell

        Re: >"a company had lost a billion dollars of intellectual property in a weekend"

        This is why it used to be that third-world countries, such as India and Poland, used to buy whole factories that built obsolete models. They were not at the leading edge, but they didn't have to do their own research, And now, in China, car companies are buying in a lot of current tech, whatever illicit copying they might be doing. It's no good stealing the program to control the engine if you cannot make the computer it runs on.

        Then remember the production lag. The patents which go into a new car model are a few years old. And you can be pretty sure that every time a new model comes out, your rivals will have bought example and begun trying to figure out what you have done. And five years production to pay off the new production line would be longer than the typical accountant would prefer.

        And there are other ways of legitimately getting the tech. You just go to companies such as Girling or Lucas, who supply components to everyone.

        It's not that industrial espionage isn't a problem. But you don't need it to explain everything.

    2. Schultz
      Joke

      "... claimed to have invented the rectangle"

      But the company that invented the rectangle did the right thing and got a patent on it. So now there is the possibility of redress.

      Imagine if they had tried to keep the rectangle as trade secret. The flood of stolen/copied rectangles would have destroyed civilization as we know it!

  8. Anonymous Coward
    Anonymous Coward

    >"when El Reg raised this, Henry denied that the US had ever carried out such spying."

    Given that that proves him to be a bare-faced liar, why accept anything else he has to say at face value?

  9. Pete 2 Silver badge

    Doesn't even make the top 10

    > computer attack is the most significant threat we face as a society, ...

    So the guy contradicts himself in the very next breath (way to go, speech-writers). However, he's still wrong.

    In no particular order, the threats I feel are most likely to have the greatest impact on ME, would be:

    - economic downturn (again!)

    - violent crime

    - property crime

    - traffic accident

    - ill health

    - corruption

    - civil unrest

    - energy prices (electricity, gas, petrol)

    - bad weather

    - social intolerance

    and add on his particular paranoia: WMDs (surely an exclusively american fear? Bizarre, since they have most of them) and people messin' with computers doesn't even feature. Obviously the guy is telling his audience what they want to hear. By appealing to their vanity, he's obviously hoping to puff-up their own self importance (as if it needs any more bolstering), but his words appear trite and self-serving. He seems also to miss the point that to 95% of the world, the USA is a foreign intelligence agency - maybe there's a kernel of truth in his keynote, after all.

    1. auburnman

      Re: Doesn't even make the top 10

      Good list. I would rate corruption higher though as that can catalyse almost everything else on the list apart from bad weather.

  10. Anonymous Coward
    Anonymous Coward

    Loved the 9/11 reference at the end, very original,.

  11. amanfromMars 1 Silver badge

    Meanwhile, in other sophisticated fields, at Elevation Levels in AI's Great Intelligence Games

    Black Hat 2012 Former FBI executive assistant director Shawn Henry has warned that the biggest threat online comes not from terrorists or hackers, but from foreign intelligence organizations looking to steal intellectual property.

    "The threat from computer attack is the most significant threat we face as a society, other than a weapon of mass destruction," he said in his opening keynote at the Black Hat 2012 conference in Las Vegas. "Everything we do – R&D, intellectual property, and corporate strategies – is stored or transmitted electronically. The DNA of companies is available to bad guys."

    Actually, it is a great deal more subversive and pervasive than even that worry for home and foreign intelligence agencies and smart renegade rogue non-state actors aligned with and fully versed in intelligence community practices, for the significant greater threat is not with the stealing of sensitive second and third party intellectual property [yours and theirs] but with the free instant spontaneous sharing of intellectual property which been has arrived at by independent means and would expose other parties secret stashes or compromise the engines of their modus operandi/vivendi.

    A readily available and immediate option to then very quickly and quietly employ, is to buy an exceedingly expensive silence with an agreeable Non Disclosure Agreement from obviously quite clever new sleeping partners/novel and noble gate keepers, for such affiliates are bound to have seeded and prepared myriad sources of distribution and disclosure to take full advantage of all of their selfless previous work which now fuels and justifies their windfall bounty and new watch keeper role for that which is so discovered/uncovered.

    And if that is to be called by anyone, Virtual Danegeld, then so be it, for such it most probably is too. Nevertheless, it is good money/fabulous credit very well spent whenever the consequences of sensitive information and previously thought secret and exclusive intelligence being universal knowledge may be catastrophically expensive.

    1. Dodgy Geezer Silver badge
      Black Helicopters

      Re: Meanwhile, in other sophisticated fields, at Elevation Levels in AI's Great Intelligence Games

      Alas, Mr Martian, you do not quite understand the complexities of the relationships between the various intelligence agencies. Let me elucidate:

      1 - Your agency only has budget - indeed, only exists - so long as there is a threat.

      2 - For reliably continuing existence, the threat needs to be of a kind which cannot EVER be eradicated.

      3 - Other intelligence agencies have exactly the same problem of maintaining their existence in an era of budget cuts

      4 - If you all agree to threaten each other, therefore, you are ensuring a continuing job and a nice pension at the end of it...

      As an aside, since the job is 'very secret', it is by definition never audited. So what you actually DO is pretty irrelevant...

      1. amanfromMars 1 Silver badge

        Aliens understand perfectly the folly of fools who would be useful tools

        Quite so, Dodgy Geezer. Invent and exercise the threat, and occasionally, or as often as needs be, sacrifice a few inconsequential pawns and destabilise a few regions with crooked rhetoric and hot weapons, allows one to lead from the front in relative total control with no real damage. Or it used to before the system got greedy and stupid, whilst others got smarter and lean.

        What do you think of Team Blighty's Intelligence Services.... MI5/MI6/GCHQ? Oscar Winners or Pantomime Horse Arse Stars? Virtual Terrain Team Subject Matter Experts or Socket Puppets?

        1. Dodgy Geezer Silver badge
          Black Helicopters

          Re: Aliens understand perfectly the folly of fools who would be useful tools

          "...What do you think of Team Blighty's Intelligence Services...."

          What I think of their competence is, alas, not printable, but I think that a major point to make is that it is a grave mistake to think of them as 'Team Blighty's'. They owe allegiance primarily to the maintenance of their own position, and are happy enough to work with any other similar organisation to maintain that, of the East or West. The one consideration you will NOT find in their schemes is the greater good of the UK and its patient taxpayers...

          1. amanfromMars 1 Silver badge

            Every cloud has a silver lining that makes one fortunate, and in some cases, one a fortune

            ""...What do you think of Team Blighty's Intelligence Services...."

            What I think of their competence is, alas, not printable, but I think that a major point to make is that it is a grave mistake to think of them as 'Team Blighty's'. They owe allegiance primarily to the maintenance of their own position, and are happy enough to work with any other similar organisation to maintain that, of the East or West. The one consideration you will NOT find in their schemes is the greater good of the UK and its patient taxpayers..." ...... Dodgy Geezer Posted Friday 27th July 2012 21:54 GMT

            Hmmm? In other words then, UKGBNI doesn't yet have a competent intelligence service, contracted and bought in for the greater good of the UK and its patient taxpayers?

            Yes, I concur, Dodgy Geezer, and would point out that such an omission provides a fabulous opportunity for any and all who are able to supply what is patently missing. And having it on hand and to offer with Creative CyberSpaces' Command and Control Of Computers and Communications does have one pondering and wondering on who would be best placed and/or qualified to accept such an offer on their behalf, although the great temptation would always be to retain it as a private service too ....... which would also be most attractive and rewarding under acceptable conditions which preclude wanton abuse

            1. Dodgy Geezer Silver badge
              Black Helicopters

              Re: Every cloud has a silver lining that makes one fortunate, and in some cases, one a fortune

              "...a fabulous opportunity for any and all who are able to supply what is patently missing. And having it on hand and to offer with Creative CyberSpaces' Command and Control Of Computers and Communications does have one pondering and wondering on who would be best placed and/or qualified to accept such an offer on their behalf..."

              At the beginning of WW1 the UK had a new, smallish and reasonably competent internal security service directed against German spies. It was set up specifically for this purpose in the anti-german scares leading up to WW1.

              Between the wars it languished slightly, but was revived when WW2 came along. In fact, a whole plethora of internal security groupings got set up, usually for quite specific war work, for instance, to address the threats from German radio beams, etc.

              At the end of WW2 most of these no longer had a job, and got closed down. The Signals Intelligence work had been so successful that it was retained into peace-time, and the Foreign Intelligence (MI6/SIS) had always been operating (though not as formally as it had during the war). The Internal Security (anti-German spy - MI5/SS) grouping managed to avoid closure by switching to being 'anti-Russian spy', and kept going as before.

              This was arguably justified by Eastern Bloc aims during the 1950s and 1960s, which were not that dissimilar from the German spy threat during the 1930s and 1940s. However, as Britain's military position in the world diminished, and as 'Glasnost' emerged in the 1980s, the Russian threat diminished as well, and the Security Service (SS) began to have VERY little to do. It was becoming a little backwater in government, a kind of gentleman's club that always got its budget, but was less and less relevant...

              Then came the fall of the Berlin Wall, and the collapse of the Soviet Empire. By 1993, Treasury was looking for the 'peace dividend', and could see no function that the SS could perform. SS tried to justify itself by claiming that it could assist with drugs and organised crime - which resulted in turf wars with HM Customs and the Met Police. Along the way it had the government's computer consultancy centre CCTA closed down, so that it could take the computer security budget and split it with CESG. But essentially, it was scraping the bottom of the barrel - there was no real work for it.

              Then came 2001 and the 'new threat' of Arab Terrorism. SS were frantic to build this up as a new reason for their existence. This explains why we have had so much interest in destabilising the whole Middle East and starting wars there. So long as the Arabs can be coerced into being enemies, they are a THREAT. And so long as a THREAT exists, SS has a job.

              SS had a very nasty scare in 1995-2000. It was staring redundancy in the face. If there is no major threat in the world then there is no need for a specific intelligence service to monitor it - occasional nutters attacking people is standard police work. So SS and its sister agencies work to ensure that a threat always exists. If they were abolished, as they nearly were in 1995, a lot of the major threats would go away....

This topic is closed for new posts.

Other stories you might like