Federal Bureau of Investigation Deputy Director David L. Bowdich. (Lee Pellegrini)
网络威胁“比以往任何时候都更广泛”,包括国外严重的侵略者, notably in China and Russia, David L. Bowdich, deputy director of the Federal Bureau of Investigation, told several hundred representatives from academia, private industry, 以及执法部门参加了第三届波士顿网络安全年会, BCCS 2019, held at Boston College on March 6.
"We’re worried about a wider-than-ever range of threat actors, from multi-national cyber syndicates to nation-state adversaries; we’re concerned about a wider-than-ever gamut of methods, from botnets to ransomware, and from spearfishing to business email compromise," Bowdich said. “我们在几乎每家公司、各个层面都看到了这些不同的威胁. 担心自己会不会成为下一个受害者的日子已经一去不复返了. 相反,这是一个何时,甚至是你被击中的频率,以及会有多严重的问题."
他说,所有公司、系统、网络和单个信息都是攻击目标. "Every link in the chain is a potential vulnerability,包括企业内部员工和承包商面临的“内部威胁”.
“没有哪个国家的情报收集威胁比中国更广泛、更严重...俄罗斯仍然是一个严重的威胁,但在许多方面,俄罗斯正在进行今天的战斗. China is fighting tomorrow's fight.”
The Boston Conference on Cyber Security, organized by Boston College and the FBI, 旨在寻求更好的方法来抵御这些侵入性网络威胁,并应对美国的脆弱性.S. information systems. BCCS是联邦调查局和 Master of Science in Cybersecurity Policy and Governance degree program at BC's Woods College of Advancing Studies.
鲍迪奇在加森大厅的演讲集中在国家支持的电脑入侵的增加上, and efforts deployed by rival nations, notably China, to weaken the U.S. 鲍迪奇说:“没有哪个国家比中国对情报收集构成的威胁更广泛、更严重。. “目前,几乎每个FBI外地办事处都有指向中国的经济间谍案.
"China's goal is to replace the U.S. as the world's leading superpower," he said, and is using an expanding set of nontraditional methods, both lawful and unlawful, to that end.
BCCS 2019 attendee Jarret Wright, a graduate of BC's M.S. in Cybersecurity and Governance Program, 是国土安全部的安全顾问(李·佩莱格里尼)
As an example, 他引用了2018年12月因阴谋进行计算机入侵而被起诉的两名中国黑客, wire fraud, and identity theft. Part of a hacking group known as APT 10, the two acted in association with the Chinese government, he said, 从2006年到2018年,通过访问超过45家科技公司和政府机构的计算机网络,窃取了数百gb的敏感数据.
Russia, he said, remains a threat as well. "But Russia, in many respects, is fighting today's fight. China is fighting tomorrow's fight."
他的机构应对日益增长的网络入侵威胁,不仅需要网络团队的专业知识和经验,还需要反情报部门的专业知识和经验, weapons of mass destruction, counterterrorism, and criminal divisions.
“来自联邦调查局的调查情报是美国政府面临的一个关键难题.S. 在确定谁是袭击的幕后黑手时。”他说. “就像我们的对手正在使用他们所拥有的一切工具来实现他们的目标一样,我们也一样.”
With an elite, 快速反应网络行动小组以及全国各地的多机构网络任务小组以及驻扎在世界各地大使馆的网络武官, the FBI has valuable global reach.
In January 2019, he said, as a result of a joint investigation by the FBI and IRS, in conjunction with partners in Belgium and Ukraine, and with Europol, 司法部宣布查封xDedic Marketplace, 一个在世界范围内出售受感染计算机访问权限的网站, including access to personally identifiable information.
“我们认为该网站促成了超过6800万美元的欺诈行为," he said; its victims "span the globe and all industries, including local, state, and federal government infrastructure; hospitals; 911 and emergency services; call centers; major metropolitan transit authorities; accounting and law firms; pension funds; and universities."
鲍迪奇还讨论了为保障2020年美国大选所做的努力.S., including classified workshops for state election officials, 成立了一个由联邦调查局各部门专家组成的外国影响特别工作组, and partnerships with other countries.
这也是执法部门之间进行合作的一个领域, private industry, and other organizations is critical, he said—a theme echoed throughout the daylong event.
“我们与联邦调查局在这些年度会议上的合作是我们在东北地区建立和加强网络安全生态系统的努力的一部分...将工业界、学术界和政府联合起来解决这些问题. 我们正在与联邦调查局一起牵头召集领导和专家,以便这些各自的组织能够合作加强网络安全. ”
Kevin R. Powers, founding director of the Boston College M.S. in Cybersecurity Policy and Governance Program (Chris Soldt)
“我们与联邦调查局在这些年度会议上的合作是我们在东北部建立和加强网络安全生态系统的努力的一部分," said Kevin R. Powers, 网络安全政策和治理项目的创始人和主任, 她还是不列颠哥伦比亚省法学院和卡罗尔管理学院商业法律与社会项目的助理教授. “这就是我们的目标:在这些问题上把产业界、学术界和政府联合起来. 我们正在与联邦调查局一起牵头召集领导和专家,以便这些各自的组织能够合作加强网络安全."
Woods College Interim Dean David M. Goodman and Joseph R. Bonavolonta, FBI special agent in charge and head of the Boston Field Office, served as conference co-chairs. Powers and FBI Special Agent Doug Domin, who oversees the Boston office’s Criminal Cyber Squad, were co-masters of ceremonies.
BCCS 2019以新兴技术学科为特色的讲座和小组讨论, operations, and enforcement, 以及关注风险的实际网络和国家安全经验, compliance, policy, threat trends, preparedness, resilience, and defensive strategies. In addition to speakers from the FBI and BC Law, representatives from the following organizations, government agencies, and companies participated: FireEye, IBM Security, Ropes & Gray, Raytheon, Rapid7, Splunk, Cisco, Jones Day, Guidehouse, MITRE, State Street, Citi Group, Mintz Levin, General Electric, HYCU Inc., U.S. Steel, Draper Labs, Federal Reserve Bank, Liberty Mutual, Oracle, Dell EMC, Eversource, Orrick, Facebook, Circle, U.S. Bank, Charles River Labs, Arbella Insurance, Holland & Knight, Venable, LPL Financial, VMware, Massachusetts Public Safety, Data Protection Commission (Ireland), Bank of Montreal, Internal Revenue Service, Secret Service, the National Security Agency, and the U.S. 司法部、财政部、国土安全部和国防部.
不列颠哥伦比亚省法学院的创新与创业项目是14个活动赞助商之一.
“打击网络犯罪是联邦调查局的首要任务之一,因为它对我们的国家安全和经济构成了直接威胁," said Bonavolonta. “如果没有与私营部门的密切合作伙伴关系,我们所做的工作是不可能的."
——patricia Delaney和Phil Gloudemans |《大学传播