WORKING IN THE FRONT LINES
This has always been one of my favorite parts of Thrillerfest, having the chance to learn from members of the investigative services. In the past, we’ve had the chance to question CIA and FBI agents. Today, it was 2 FBI, 2 Secret Service and one Royal Canadian Mountie (retired, with a thriller of his own on sale at the book store). My paraphrases of their information:
FBI 2: The bad guys have always used technology to get ahead, starting with vehicles. Now they’re moving into identity theft and fraud. They’re not just hacking, they’re moving into identity theft and fraud.
There was a shared concern across the panel about two topics in particular:
First, Cyber actors working on the industrial grid (Electrical, Telephony, Water, Health Systems, Industrial Control Systems). Anything that’s on the Internet can be hacked and it’s a bigger concern as we grow the Internet of Things onto an already wobbly infrastructure. They pointed to Denial of Service Attacks on financial institutions here a few months ago and an incident at the Logan Dam in upstate NY a few years ago, where Iranian hackers were able to hack the dams controls. No harm was done only because the computer control in that case never worked properly, but the incident is seen as an example of what is possible.
Second: Ransomware is a fast-rising problem and one they are now dealing with regularly. Costs a lot of money. They officially recommend not paying but understand that often, businesses in particular can’t afford to lose the information or the trust of their customers so they choose to pay.
Secret Service 1: Kids at home now have the tools to create counterfeit money. This is new–it used to take specialized hardware to do that job; no longer. However, he said we shouldn’t overblow the situation. Counterfeit money now amounts for 3 or 4% of the money in circulation. When the Secret Service was founded, at the end of the Civil War, counterfeit currency amounted to over 80% of the bills out in the world. That was an astonishing number to me, as was their success rate.
The former Canadian Mountie was asked whether gun control measures in Canada had any effect on law enforcement and he said they definitely did. Canada has a database of all gun owners (who have to pass a background check to get them). He said that, while he agreed that criminals would always find a way to get guns, it was definitely helpful to know before responding to a domestic abuse situation whether or not there were firearms at the location. They would bring 2 to 3 officers routinely but 5 or 6 if there were guns present.
FBI 2: Reminded the audience that more people will die of beestings than terrorism this year. Cybercrime, however, threatened about 320 million people this year, between business disruptions, infrastructure threats, etc. The big point here is that good Internet hygiene–not opening questionable Internet or email links–is still the overwhelming way the bad guys get us to trigger these attacks. Once you’ve clicked, you can’t pull the plug fast enough to stop the infection.
Secret Service 1: Talked about the interconnectedness of things and how it complicates his job. If he had to protect the room we were sitting in, for example, the lights, temperature and elevator are all remotely controllable–Step One for them is to make sure they have those things secured long before the arrival of anyone they protect.
It was fascinating to watch these guys interact, to see their seriousness and also their disdain for conventional wisdom or the demagoguery that passes for political wisdom. Toward the end, they were asked what we should be scared of. Two said Ransomware but another answered, ‘Nothing. There are lots of things to be concerned about but very little to be scared of. Instability is increasing, that might become an issue but for now, don’t be scared. Enjoy life.’
Next: David Morrell interviews Walter Mosley