The FBI last month gave temporary security clearances to scores of U.S.
bank executives to brief them on the investigation into the cyber
attacks that have repeatedly disrupted online banking websites for most
of a year.
Bank security officers and others were brought to more than
40 field offices around the country to join a classified video
conference on "who was behind the keyboards," Federal Bureau of
Investigation Executive Assistant Director Richard McFeely told the
Reuters Cyber-security Summit on Monday.
clearances, from an agency famed for being close-mouthed even among
other law enforcement agencies, reflect some action after years of talk
about the need for increased cooperation between the public and private
sectors on cybersecurity.
The attacks, which have been ascribed by
U.S. intelligence officials to Iran, are seen as among the most serious
against U.S. entities in recent years. McFeely declined to discuss
details of the investigation, including what the banks had been told and
whether Iran was behind the attacks.
Banks have spent millions of
dollars to get back online and make sure they can stay online. JP
Morgan Chase & Co, Bank of America, Wells Fargo, Citigroup and
others have been affected.
McFeely said the one-day secrecy
clearances are part of a broader effort by the FBI to communicate more
with victims of cyber-crime, some of whom feel that cooperating with
federal authorities carries too much risk of exposure to investor and
A February executive order from President Barack Obama called for expedited security clearances.
who began overseeing FBI cyber and criminal cases last year, said the
agency was changing its approach after being "terrible" in the past
about keeping targeted companies informed of progress in investigations.
"That's 180 degrees from where we are now," McFeely said at the summit, held at the Reuters office in Washington.
FBI is working harder at securing international help in combating
cybercrime and sabotage, but also needs dramatic gestures, such as
espionage arrests of hackers from rival countries, to convince U.S.
companies to be more open about their losses, he said.
international front, the FBI and Department of Homeland Security have
notified 129 other countries about 130,000 Internet protocol addresses
that have been used in the banking attacks.
Many of the computers
involved in the attacks were infected by viruses before being directed
to attack banking websites, and the bulletins have helped other
countries to clean some of the computers, FBI officials said.
Security Agency Director Keith Alexander and other officials have said
that the massive theft of intellectual property by China and other
countries amounts to the largest transfer of wealth in history.
Individual companies, however, have rarely admitted material losses.
said that part of the problem was that companies have been frustrated
at the extreme rarity of overseas arrests or other signs of tangible
progress in nascent international talks over the issue. Even some
defense contractors contacted by the FBI after breaches are reluctant to
share information with agents, he said.
But McFeely said that
some indictments have been issued under seal and that arrests would
follow, perhaps when hackers identified by name travel outside their
"The first time we bring someone in from out of the country in handcuffs, that's going to be a big deal," McFeely said.
© Thomson Reuters 2013