Peter High and M.K. Palmore at the Forbes CIO Summit 2019.
The arrest of Wikileaks founder Julian Assange marks the first step toward bringing to court one of the most prominent cyber crimes in American history. With cyber-threat actors making a living off of hacked information, it should come as no surprise that U.S. government intelligence agencies are shifting focus and resources to address the issue, which includes $15 billion set aside from the President’s budget for cybersecurity-related activities.
Symantec’s Internet Security Threat Report notes this is especially true for large companies with enterprise ransomware up 12% in 2018. According to M.K. Palmore, San Francisco’s head of cybersecurity at the FBI, the agency alerts companies on a weekly basis of cyber threats. “No one sees the entire cyber landscape, but we can see a portion of it,” Palmore told the audience at the Forbes CIO Summit in Half Moon Bay, California.
Palmore’s Northern California jurisdiction stretches from Silicon Valley to Eureka, California, where the FBI has seen a high volume of cyberscurity threats and attacks that are either financially motivated criminal intrusions or national cyber intrusions. “We spend a lot of time diving into what a bad day looks like for your CSO and CIO,” said Palmore.
The agency discovers cyber activity through normal investigations, which the FBI says mostly comes from overseas threat actors targeting specific companies.“A cyber threat actor—even an advanced one—will take a phishing email access to your enterprise over a high-level intrusion or breach,” said Palmore. These actors are specifically targeting low-hanging fruit with the goal to engage as many vulnerable targets as possible.
The former Marine and 22-year veteran of the FBI emphasized the importance of establishing a repertoire with enterprises before they have an intrusion. “I can’t tell you the number of times an enterprise reached out to us in an effort to triage an issue they’re dealing with and they’ve basically reached the end of their ability to solve the problem."
He says building a relationship with the agency before trouble arises can lead to an useful exchange of information. “We have personnel within the company that has clearance who are able to offer classified briefings to that enterprise and let them know exactly how much information we might have.”
The most alarming part for enterprises or anyone with computer really? The FBI’s inability to keep up with cyber threat actors. “We can’t scale to the problem fast enough.”
