Banking Exchange Magazine Logo

FBI details 5-point cyber crime battle plan

Details why the bureau blames North Korea for Sony hack

FBI details 5-point cyber crime battle plan

FBI “has very high confidence” that Sony Pictures Entertainment recent hack was perpetrated by North Korea, through malware that that country has used to attack South Korean banks and media outlets, according to Director James Comey.

Comey spoke recently at the International Conference on Cyber Security in New York, where he also detailed a five-point strategy the FBI will pursue to counter cyber-attacks.

North Koreans “MO” revealed by slip-ups

Regarding the Sony hack, Comey said, “Several times they got sloppy. Several times, either because they forgot or because they had a technical problem, they connected directly and we could see them. And we could see that the IP addresses that were being used to post and to send the e-mails were coming from IPs that were exclusively used by the North Koreans.”

In addition, he said that the bureau has “a range of other sources and methods,” which he declined to describe, that leads him to believe “not with just high confidence, but very high confidence that the North Koreans perpetrated this attack.”

Comey used this example as a way to lead in to a description of how the government plans to address cyber crime as billions of people worldwide become more closely connected through the internet.

Detailing the strategy: public-private partnership

Here’s how Comey summed up the strategy:

“We’re going to try to focus ourselves; we’re going to try to shrink the world; we’re going to try to impose real costs on bad actors; we’re going to improve our relationships with state and local law enforcement; and, most important of all, we’re going to try to improve our relationship, our battle rhythm, our working relationship with private-sector partners.”

Regarding this last point, Comey said he understands the frustration private companies have when dealing with the government, mentioning that he had been general counsel at two companies before coming back into government  service.

“I’ve been in lots of conversations that went like this: ʻWhy doesn’t the government tell us something?’…ʻWhat are they going to do with what we tell them?’ ʻWhat if it leaks?’ ʻWhat if it gets used against us in a competition?’ ʻWhat if we get accused of lying to somebody?’ ʻWhat if we get sued?’ ʻWhat are our shareholders going to think?’ ʻWhat’s the board going to think?’ ʻWhy can’t the government tell us things that we can actually do something about?’” Comey said.

Still, Comey pointed out, the great majority of harm perpetrated by cyber criminals manifests itself in the private sector.

“All of it is in your world, private-sector partners,” Comey said. “Invariably, that’s where the victims are. That’s where the information is that we need in order to be able to respond to actions by nation states, by terrorists, by hacktivists … If we can’t find a way to effectively share that information to those of us with the enforcement powers, we’re sunk.”

Finding more ways to cooperate will be difficult, Comey acknowledged.

“I think we need clearer rules for the private sector, to offer clear rules of the road for what will happen to what you share and what we need you to share,” Comey explained. “We need better technology and to be able to share information both ways more effectively and more quickly.”

Comey added: “You need protection. You need guidance. I [law enforcement] need information.”

Four more points for doing battle

The other parts of FBI’s five-point strategy include:

Focus—Concentrate resources to go after the nation-state actors and the most dangerous criminal syndicates and international operations; designate a single FBI field office to take the lead in dealing with cyberthreats, assisted by a team of up to four other designated field offices.

Shrink the world—Forward-deploy more cyber special agents of the FBI in foreign partners’ offices, as well as coordinating domestic agency efforts through the National Cyber Joint Investigative Task Force.

Impose costs on criminals—Catch perpetrators and bring them to justice or, as in the case of North Korea, expose their actions as publicly as possible.

Coordinate with state and local law enforcement—Equip partners to be digitally literate and to conduct investigations at state and local levels; work with the Secret Service to offer training to such organizations around the country.

Read Comey’s speech

John Ginovsky

John Ginovsky is a contributing editor of Banking Exchange and editor of the publication’s Tech Exchange e-newsletter. For more than two decades he’s written about the commercial banking industry, specializing in its technological side and how it relates to the actual business of banking. In addition to his weekly blogs—"Making Sense of It All"—he contributes fresh, original stories to each Tech Exchange issue based on personal interviews or exclusive contributed pieces. He previously was senior editor for Community Banker magazine (which merged into ABA Banking Journal) and for ABA Banking Journal and was managing editor and staff reporter for ABA’s Bankers News. Email him at [email protected]

back to top


About Us

Connect With Us


Webinar: In-person and Remote Banking –
Why this Hybrid Model is the Future of the Branch

Banks combine the brick and mortar
physical banking experience with virtual banking

Time/Date: August 5th, 2021 2:00 P.M. ET

As consumers increasingly prefer to engage with their bank remotely instead of going to a branch location, institutions are looking to modernize the ways in which they interact with customers. Depending on the complexity of the banking activity, some consumers will use self-service digital channels while others will turn to channels where they can get human help. In a hybrid banking model, banks combine the brick and mortar physical banking experience with virtual banking.

In this webinar, OneSpan and guest speaker Alyson Clarke, Principal Analyst at Forrester Research, will discuss why hybrid banking will become mainstream and the importance of putting the right tools in place to support remote account opening, account maintenance, wealth management, and lending.


This webinar is brought to you by:
OneSpan Logo