
FBI didn’t tell US targets as Russian hackers hunted emails - oblib
https://apnews.com/f1a5570b7ce04d39bab00ae3a9041460/FBI-didn%27t-tell-US-targets-as-Russian-hackers-hunted-emails
======
ianhawes
This is probably an unpopular opinion here, but I think the FBI cybercrime
division should be completely defunded and shutdown.

A new federal agency with the sole focus of combating cybercrime should be
created operating outside the DoJ.

The FBI treats cybercrime too much like a janitorial service. The special
agents involved in cybercrime have only some general cybercrime training;
their training is still overly broad, including firearms and combat training.

Part of the problem is that the FBI is also an intelligence organization, so
information that feeds into the FBI is almost never disseminated outside the
agency, and when it does it is almost always too late. Their reasoning is
"sources and methods".

What the Russians taught us in the 2016 Election is that it's no longer enough
to just _have_ information. You must act on it in innovative new ways. This
disruptive behavior (a la Wikileaks) has turned the US IC on it's head. If we
had an agency with a sole focus on cybercrime investigation and prevention
prior to the 2016 Election, we would probably have a different President right
now.

~~~
dsl
> The FBI treats cybercrime too much like a janitorial service.

This has changed in the last 5-8 years. They finally got agents that grew up
with computers.

Have you seen malwareinvestigator.gov? They built an automated framework for
pulling apart common malware and made it available to state and local law
enforcement to aid in investigations. This is just one example of the "new
FBI."

> information that feeds into the FBI is almost never disseminated outside the
> agency

I get a few intelligence reports from the FBI every week. Just because you
aren't seeing it, doesn't mean that it does not exist.

> If we had an agency with a sole focus on cybercrime investigation and
> prevention prior to the 2016 Election, we would probably have a different
> President right now.

As much as you dislike Trump, I don't really think you want to live in a
country where the IC influences elections. Remember that the FBIs job for the
most part is to investigate crimes, not prevent them. Mueller will do his job.

~~~
ZeroGravitas
> As much as you dislike Trump, I don't really think you want to live in a
> country where the IC influences elections. Remember that the FBIs job for
> the most part is to investigate crimes, not prevent them. Mueller will do
> his job.

Can you outline why this should be different from say terrorists flying planes
into buildings? I assume everyone wants the IC to be preventing that, not just
prosecuting those responsible afterwards?

One key difference is of course that one is trying to kill an unprecedented
number of innocent Americans, but it's possible his health reforms won't ever
get enacted and the EPA will be forced by the courts to actually do its job,
so there is still hope.

~~~
dsl
Only a small part of the FBI is part of the IC. Just like the Marines are part
of the IC, but you don’t think of them as a CIA like organization.

The FBI is part of the Justice Department, they are there to investigate
crimes that have been committed.

The IC does a ton of work to prevent attacks against America of all sorts.
They identified Russian interference and brought it to the Obama
administrations attention, exactly in line with what they should have done.

------
oblib
The thing that's missing in this article is the "attacks" were done by
phishing with email attachments and if one didn't know about that risk they
had to ignore thousands of warnings about it over a lot years.

Back in 2000 I woke up with an email in my box with the subject "I love you"
with an attachment. I took one look at it and deleted it. I thought about
calling my partner at the time and warning him about it but he'd been coding
with me for a few years so I figured he'd know what he was looking at.

I was wrong. He clicked on it and it deleted thousands of photos off his
computer. How people fall for that two decades later is not related to
"warning" them. We've all been warned for decades.

~~~
x1798DE
It's not a _huge_ difference, but there is a softened between phishing and
spear-phishing. It's a lot easier for a specifically crafted spear-phishing
campaign to get through whatever mental heuristics you use to identify scams
than the broad phishing campaigns you usually see.

"Dear X, This email is to set up a meeting to discuss Kaylee's performance in
school. Please click here to sign in to our new parent conference scheduling
software. Signed, Y, Kaylee's School, Principal"

~~~
oblib
Yes, that kind of scam can suck some in but it's up to management to educate
employees on what to be aware of and how to detect and react to it.

The threat is so constant and pervasive though that it's hard for me to
imagine that management in any government agency hasn't educated employees
about how to deal with these kinds of threats, but not impossible because I
don't have to imagine someone did bite.

I just can't make the leap that the FBI is to blame though. That's just a leap
too far.

~~~
weaksauce
They share some of the blame. The FBI could have said to the parties involved,
"you are going to be targeted by scammers looking to get your emails, be extra
vigilant with what you click on."

It's a difference between targeted attacking and fish net hacking or phishing
without a target.

------
chisleu
They are not responsible for crime prevention, but there are many private
Intel forms that do notify. (Former senior software engineer for one such firm
here)

~~~
Spooky23
Where would one look for such a service? What are the magic words?

~~~
dsl
"threat intelligence," but beware it has become a bit of an industry buzzword
now. :/

------
sigmar
One of the journalists of this AP piece (Satter) also wrote a medium post
containing a short Q&A about the "notification gap... between what’s known
privately about cyberespionage and what’s said publicly"

[https://medium.com/@rsatter/the-notification-
gap-69895c93b05...](https://medium.com/@rsatter/the-notification-
gap-69895c93b053)

------
Overtonwindow
_Nearly 80 interviews with Americans targeted by Fancy Bear, a Russian
government-aligned cyberespionage group, turned up only two cases in which the
FBI had provided a heads-up._

If you were targeted by Russian hackers, and you happened to be a high level
government official, would YOU admit to it? This is like asking a room full of
thieves if they robbed the bank. I think it's more likely the FBI DID notify
many of them that they had been targeted, but like the DNC, it either got lost
through the cracks, was ignored, or possibly seen as some political ploy.

~~~
dragonwriter
> If you were targeted by Russian hackers, and you happened to be a high level
> government official, would YOU admit to it? This is like asking a room full
> of thieves if they robbed the bank.

Its more like asking a bunch of banks if the FBI has warned them of plots by
thieves.

~~~
tonyztan
It's more like asking a bunch of _robbed_ banks if the FBI has warned them of
plots by thieves.

