FBI says more cooperation with banks key to probe of cyber attack

WASHINGTON: The FBI last month gave temporary security clearances to scores of US bank executives to brief them on the investigation into the cyber attacks that have repeatedly disrupted online banking websites for most of a year. 

Bank security officers and others were brought to more than 40 field offices around the country to join a classified video conference on "who was behind the keyboards," Federal Bureau of Investigation Executive Assistant Director Richard McFeely told the Reuters Cybersecurity Summit on Monday. 

The extraordinary clearances, from an agency famed for being close-mouthed even among other law enforcement agencies, reflect some action after years of talk about the need for increased cooperation between the public and private sectors on cybersecurity. 

The attacks, which have been ascribed by US intelligence officials to Iran, are seen as among the most serious against US entities in recent years. McFeely declined to discuss details of the investigation, including what the banks had been told and whether Iran was behind the attacks. 

Banks have spent millions of dollars to get back online and make sure they can stay online. JP Morgan Chase & Co, Bank of America, Wells Fargo, Citigroup and others have been affected. 

McFeely said the one-day secrecy clearances are part of a broader effort by the FBI to communicate more with victims of cybercrime, some of whom feel that cooperating with federal authorities carries too much risk of exposure to investor and media scrutiny. 

A February executive order from President Barack Obama called for expedited security clearances. 

McFeely, who began overseeing FBI cyber and criminal cases last year, said the agency was changing its approach after being "terrible" in the past about keeping targeted companies informed of progress in investigations. "That's 180 degrees from where we are now," McFeely said at the summit, held at the Reuters office in Washington. 

The FBI is working harder at securing international help in combating cybercrime and sabotage, but also needs dramatic gestures, such as espionage arrests of hackers from rival countries, to convince US companies to be more open about their losses, he said. 

On the international front, the FBI and Department of Homeland Security have notified 129 other countries about 130,000 Internet protocol addresses that have been used in the banking attacks. Many of the computers involved in the attacks were infected by viruses before being directed to attack banking websites, and the bulletins have helped other countries to clean some of the computers, FBI officials said. 

National Security Agency Director Keith Alexander and other officials have said that the massive theft of intellectual property by China and other countries amounts to the largest transfer of wealth in history. Individual companies, however, have rarely admitted material losses. 

McFeely said that part of the problem was that companies have been frustrated at the extreme rarity of overseas arrests or other signs of tangible progress in nascent international talks over the issue. Even some defense contractors contacted by the FBI after breaches are reluctant to share information with agents, he said. 

But McFeely said that some indictments have been issued under seal and that arrests would follow, perhaps when hackers identified by name travel outside their home countries. "The first time we bring someone in from out of the country in handcuffs, that's going to be a big deal," McFeely said.

IT services companies under attack from cyber crooks

MUMBAI: Information technology services companies, including Indian outsourcers, are increasingly coming under attack from global cyber-crime rings seeking access to valuable data of clients, typically those belonging to the financial services industry. This was highlighted by the recent $45-million (Rs 247 crore) ATM heist involving two Gulf-based banks, where the first security breach happened at Pune-based payments processor ElectraCard Services.

For the first time, the Indian IT services industry, which earns a significant portion of its revenues from banks and financial services clients, was the top targeted sector in India in 2012, according to security software maker Symantec, which published the latest edition of its Internet Security Threat Report last week.

Another security solutions company, Kaspersky, also highlighted IT services as one of the top four sectors in the cross-hairs of hackers.

"It is no longer a question of hackers showing off. Now the goal is to steal information and profit from it," said Dinesh Pillai, CEO at Mahindra Special Services Group, which specialises in corporate security risk consulting. According to Symantec, globally, data breach in the IT sector has nearly doubled from 2.7% of all breaches in 2011 to 5% in 2012. "Today we are seeing large call centres coming to us and saying 'can you break into computers, manipulate employees, whatever, but we need to know where the flaws are. Because it's only a matter of time before someone gets penalied'," Pillai said.

India's $76-billion (Rs 4.2 lakh crore) software export sector is also taking steps to protect itself ahead of a comprehensive data security law that Europe is enacting, which could cost them as much as 2% of sales for any data breach.

Technology services companies were reluctant to discuss what challenges they faced or whether there had been an increase in security incidents. WiproBSE -0.13 %, the country's third-largest software exporter, said it was arming itself with predictive analytics technology to be able to respond to internal and external threats in real time. InfosysBSE 0.48 % said it had "a robust information security framework" that was periodically reviewed and audited internally and jointly with the clients, but said it "cannot share these details externally".

TCS, Cognizant and HCL TechnologiesBSE -1.46 % did not reply to emails seeking their views.

Kamlesh Bajaj, chief executive at Data Security Council of India, an industry initiative to ensure that robust security practices are adopted by companies in the sector, said IT companies typically adopted standards acceptable in their clients' countries.

"When we analyse security measures, we find that companies like Genpact, TCSBSE 0.42 % and Infosys have stronger security measures in place than the captives of foreign companies," Bajaj said. "Indian BPOs don't even let their employees access Gmail because that might hurt the security of the system."

Senior industry executives said it was not just about IT services companies, but a case of cyber crime increasing in general. "Breaches may happen, but they are tiny in number compared with the number of attacks," said Som Mittal, president of Nasscom, which represents India's $108-billion ( .`5.9 lakh crore) IT indus-try. "The recent incident should be seen as a one-off case, even as the country and the industry continue to strengthen capabilities to thwart cyber attacks and cyber crimes that are rising globally," he said, referring to the ATM heist.

Among financial services clients of the Indian IT sector, American Express declined comment while JPMorgan, Ameriprise and Citigroup did not reply to emailed questionnaires.