With hackers around the world taking aim at business and government sites seemingly at will, one would think the FBI would have a solution. Think again.
Speaking to The Wall Street Journal in an interview published yesterday, FBI executive assistant director and cyber czar Shawn Henry said that despite recent arrests of alleged hackers "Sabu" and others, "we're not winning."
It might be hard to argue with Henry's assertion. Although dozens of hackers have been arrested worldwide, the attacks keep coming. Earlier this week, for example, hackers took aim at a military dating Web site and posted information on nearly 171,000 accounts on Pastebin. Last month, hackers offered up the source code for Symantec's PCAnywhere. Those attacks are just a couple in a string of hacks that have left companies and governments on edge.
"I don't see how we ever come out of this without changes in technology or changes in behavior, because with the status quo, it's an unsustainable model," Henry told the Journal. "Unsustainable in that you never get ahead, never become secure, never have a reasonable expectation of privacy or security."
Henry's comments of seeming helplessness follow similar statements made yesterday by National Security Agency Chief Gen. Keith Alexander. Speaking before the Senate Armed Services Committee, Alexander said that China is stealing a "great deal" of the U.S. military's intellectual property and so far, the U.S. has done little to stop it.
The issue for companies and governments is that there are too many hackers out there and that they have far too many points of entry to steal data. Security experts and the government are playing a "Whac-a-Mole" game that, so far, they're losing. It also doesn't help, Henry told the Journal, that the hackers are doing an exceedingly good job of plying their trade. When one hacker is taken down, another is ready to take their place.
Despite those threats, Henry won't need to worry about prosecuting those hackers much longer. According to the Journal, he's leaving the FBI and going to an undisclosed Washington, D.C.-based company to handle its cybersecurity efforts.