Former FBI director Mueller: Home hacks called on par with globals
Corporations lucky enough to have avoided being hacked by cyber criminals should not expect their luck to continue, the former head of the FBI said Wednesday night before a capacity crowd in Heinz Hall, Downtown.
“There are two groups: Those that have been breached now, and those that will be breached later,” Robert Mueller said during a 45-minute speech that touched on topics ranging from his 12 years at the FBI to terrorism and the fallout of 9/11. The speech was part of the Pittsburgh Speakers Series sponsored by Robert Morris University and Trib Total Media.
Though Russian and Chinese hackers and organizations tied to terrorists pose cyber threats to big businesses such as PNC and UPMC — both of which recently experienced security breaches — equally credible threats exist within employee ranks from those “with keys to the ‘crown jewels,' ” Mueller, 70, warned.
“Oftentimes, more damage can be done from someone inside with access to your networks than by the Russians or the Chinese,” he said.
A new kind of vigilance is needed to combat corporate cybercrime, David Thaw, an assistant professor of law and information sciences at the University of Pittsburgh, told the Tribune-Review earlier Wednesday.
“You've got to perform risk assessments, make plans from those assessments and then keep both up to date,” Thaw said.
As businesses increasingly work their way into a global network, they can become targets as well as tools to attack other businesses, government agencies or people, Thaw said.
Some ways to limit those risks, he said, include diligently vetting new hires, providing ongoing training and working to quickly remove former employees' access to networks.
Mueller praised assistance from Carnegie Mellon University for helping the FBI complete a long overdue and over-budget electronic case- management system.
“I believe this is a hotbed of computer capability,” Mueller said.
Thaw said Pittsburgh is becoming a “known name” in cybersecurity. He cited the efforts of U.S. Attorney David Hickton, whose office this summer indicted Russian and Chinese hackers; having the National Cyber-Forensic and Training Alliances based on the South Side; and having two major research universities in Pitt and Carnegie Mellon focused on computer science and information technology.
“The confluence of all of those things has made Pittsburgh a rich area to do all of this,” Thaw said.
Mueller took over the FBI a week before the Sept. 11, 2001, terrorist attacks and retired in September 2013 — making him the longest-serving FBI director since J. Edgar Hoover.
In March, Mueller joined the law firm WilmerHale as a partner. The NFL this fall hired him to conduct an independent investigation into how the league handled the suspension of former Baltimore Ravens running back Ray Rice, who appealed his indefinite suspension for domestic violence.
Mueller took questions after his speech, but the audience at Heinz Hall was told he would not discuss the ongoing investigation.
During his time with the FBI, Mueller changed the culture of the agency and its mission — from investigating crimes and solving cases to gathering post-9/11 intelligence, said Ronald Kessler, an award-winning investigative journalist and author of 20 books, including “The Secrets of the FBI” in 2011.
“He really has been one of the few people responsible for the fact that we have not had a successful foreign terrorist attack since 9/11,” Kessler told the Tribune-Review. “He kept us safe.”
At every briefing during his tenure, Mueller said he faced the same question: “What is the FBI doing to prevent the next terrorist attack?”
“Over two presidencies, that question remained the same,” he said.
Mueller said he knew the FBI would be judged not just on its success in preventing terrorist attacks but on how well it abided by the Constitution while doing its job.
“We did our best not only to thwart attacks, but we did so by keeping civil liberties in mind,” he said.
Jason Cato is a staff writer for Trib Total Media. He can be reached at 412-320-7936 or firstname.lastname@example.org.