Feeds

FBI on look-out for foreign government hackers

Reveal yourselves, immediately

  • alert
  • submit to reddit

SANS - Survey on application security programs

How seriously does the U.S. government take computer intrusion? Seriously enough for the threat of foreign hacking to take a prominent role in new rules governing the FBI's national security investigations issued by U.S. Attorney General John Ashcroft this week.

Ashcroft released a new version of the "Guidelines for FBI National Security Investigations and Foreign Intelligence Collection" on Wednesday. The new guidelines, billed as a response to the September 11 terrorist attacks, permit the Bureau to engage in the "proactive collection of information on threats to the national security," displacing an older policy that obliged the FBI to have a specific investigative purpose before collecting information on individuals or groups.

Like the older rules, the new guidelines allow the Attorney General to specify anything as threat to national security at any time. But a few threats are specifically hardcoded into the new rules: terrorism, espionage, sabotage, political assassination, and "foreign computer intrusion."

The latter is defined as "the use or attempted use of any cyber-activity or other means by, for, or on behalf of a foreign power to scan, probe, or gain unauthorized access into one or more U.S.-based computers."

The language is broader than a similar issue that debuted on the FBI's National Security List in 1995, when then-Attorney General Janet Reno added the "targeting of the national information infrastructure" to the list of threats, citing a danger of espionage or sabotage against U.S. systems by foreign powers.

So far, there have been no confirmed cases of state-sponsored hacking into U.S. computers. But an investigation into a series of sophisticated cyber attacks on Defense Department and university networks beginning in 1998 led investigators to a dead-end at the Russian Academy of Sciences in Moscow, prompting some officials to conclude that the intrusions were supported by the Russian government. The case, code named "Moonlight Maze" at the time, is reportedly still under investigation.

Copyright ©

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Arts and crafts store Michaels says 3 million credit cards exposed in breach
Meanwhile, Target investigators prepare for long process in nabbing hackers
prev story

Whitepapers

SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.