‘This is our mission, to reach out as guests.’ A London-based speaker from the FBI told the opening of a conference on banking and multi-national company security.
Todd Renner of the FBI’s cyber division said “Why is the FBI in London? We are assigned here to do collaborative work with our partners, we are guests of the British and are in 70 countries (embassies).’ Cyber threats which affect the United States also affect other countries. Another theme of his talk was how cyber and other threats such as terrorism and foreign counter-intelligence are blending – ‘anyone see the Russian stuff last week?’ he said in passing.
Who You Going To Call?
‘We all understand bank robberies,’ he said. They lead to ‘wanted’ posters with video stills, headlines and armed response, yet the amounts stolen may be only in the hundreds of pounds. By contrast, cyber-crimes can lead to losses in the millions, and we don’t have armed response or any big public outcry. He mentioned a recent FBI alert of malware to access bank customers’ card data, for large-scale theft from ATM’s. Smaller financial institutions and third-party vendors are more likely to have less robust company security, and to be vulnerable, he said. He stressed the Bureau’s need for companies to help, in complex and global investigations.
He raised some questions for banking security. ‘We don’t do fire drills in cyber security.’ How are you going to stop the losses, who are you going to call in law enforcement? Do you know your regional organised crime unit? Do you have someone who is going to help you get answers quickly? What evidence are you going to seize, and what are you going to freeze so that police might be able to track culprits? What are your lawyers going to let you share? If you are a multi-national company, how does it apply in each country? He ended with his email address, showing that his job is ‘to get out and talk to you guys’, meaning the audience of bank security managers.
During questions from the floor, he spoke further that bank crime has evolved so that it’s both physical (‘money mules’ laundering cash, jackpotting – so an ATM spews out money, and card skimming) and cyber, besides pure ‘strong-armed’ robbery. He hinted that the likes of North Korea that are ‘having a hard time’ to raise money might steal from banks, likewise Russian cyber criminals can only operate by paying someone in authority. In other words, in some countries crime and authority have some sort of links, he implied.
