At a recent security conference Michael Welch, the deputy assistant director of the FBI’s Cyber Division, gave a speech where he discussed the issue of SCADA security.
Information Age magazine reported on his speech and quoted Welch as saying:
"We just had a circumstance where we had three cities, one of them a major city within the US, where you had several hackers that had made their way into SCADA systems within the city,"
We don’t know which cities Welch is referring to, but this does bring more light to a subject that has been mired in confusion of late.
Many argued that the security of SCADA systems was being exaggerated after it became public that the water treatment attack in Springfield, IL was a false alarm.
That of course ignores the attack by pr0f on the City of South Houston’s systems and these other three referred to by Welch.
It’s great that Welch acknowledges the work we have to do in this area and even went so far as to suggest the FBI will double the size of their Cyber division in the next 12 to 18 months.
Sound too good to be true? Then it probably is.
A story on PoliceLedIntelligence.com shows the FBI’s budget for Cyber will increase by $19.6 million, or approximately 12 percent.
The majority of the funding increase will be used to expand their operation from 8 hours/5 days to 24 hours/7 days.
They even explained this to Congress, justifying their need for the funds:
"Because threat actors operate globally, a significant volume of cyber threat activity occurs outside of normal business hours."
I am not sure how traditional crime fighting works, but it would seem a Monday to Friday 8 to 5 operation would not work for anyone taking the job seriously.
A doubling of the FBI’s Cyber division would be a welcome step towards more criminals getting their well earned punishments, but I don’t see how a 12 percent increase is going to get us there.
Don’t be discouraged though, if you are a victim of an online crime you should continue to report it to your local law enforcement and if you live in the US to the Federal Trade Commission.
Who knows, you might be the next victim who gets compensated when the FBI get around to catching these guys.Follow @chetwisniewski