Banking Exchange Magazine Logo

FBI details 5-point cyber crime battle plan

Details why the bureau blames North Korea for Sony hack

FBI details 5-point cyber crime battle plan

FBI “has very high confidence” that Sony Pictures Entertainment recent hack was perpetrated by North Korea, through malware that that country has used to attack South Korean banks and media outlets, according to Director James Comey.

Comey spoke recently at the International Conference on Cyber Security in New York, where he also detailed a five-point strategy the FBI will pursue to counter cyber-attacks.

North Koreans “MO” revealed by slip-ups

Regarding the Sony hack, Comey said, “Several times they got sloppy. Several times, either because they forgot or because they had a technical problem, they connected directly and we could see them. And we could see that the IP addresses that were being used to post and to send the e-mails were coming from IPs that were exclusively used by the North Koreans.”

In addition, he said that the bureau has “a range of other sources and methods,” which he declined to describe, that leads him to believe “not with just high confidence, but very high confidence that the North Koreans perpetrated this attack.”

Comey used this example as a way to lead in to a description of how the government plans to address cyber crime as billions of people worldwide become more closely connected through the internet.

Detailing the strategy: public-private partnership

Here’s how Comey summed up the strategy:

“We’re going to try to focus ourselves; we’re going to try to shrink the world; we’re going to try to impose real costs on bad actors; we’re going to improve our relationships with state and local law enforcement; and, most important of all, we’re going to try to improve our relationship, our battle rhythm, our working relationship with private-sector partners.”

Regarding this last point, Comey said he understands the frustration private companies have when dealing with the government, mentioning that he had been general counsel at two companies before coming back into government  service.

“I’ve been in lots of conversations that went like this: ʻWhy doesn’t the government tell us something?’…ʻWhat are they going to do with what we tell them?’ ʻWhat if it leaks?’ ʻWhat if it gets used against us in a competition?’ ʻWhat if we get accused of lying to somebody?’ ʻWhat if we get sued?’ ʻWhat are our shareholders going to think?’ ʻWhat’s the board going to think?’ ʻWhy can’t the government tell us things that we can actually do something about?’” Comey said.

Still, Comey pointed out, the great majority of harm perpetrated by cyber criminals manifests itself in the private sector.

“All of it is in your world, private-sector partners,” Comey said. “Invariably, that’s where the victims are. That’s where the information is that we need in order to be able to respond to actions by nation states, by terrorists, by hacktivists … If we can’t find a way to effectively share that information to those of us with the enforcement powers, we’re sunk.”

Finding more ways to cooperate will be difficult, Comey acknowledged.

“I think we need clearer rules for the private sector, to offer clear rules of the road for what will happen to what you share and what we need you to share,” Comey explained. “We need better technology and to be able to share information both ways more effectively and more quickly.”

Comey added: “You need protection. You need guidance. I [law enforcement] need information.”

Four more points for doing battle

The other parts of FBI’s five-point strategy include:

Focus—Concentrate resources to go after the nation-state actors and the most dangerous criminal syndicates and international operations; designate a single FBI field office to take the lead in dealing with cyberthreats, assisted by a team of up to four other designated field offices.

Shrink the world—Forward-deploy more cyber special agents of the FBI in foreign partners’ offices, as well as coordinating domestic agency efforts through the National Cyber Joint Investigative Task Force.

Impose costs on criminals—Catch perpetrators and bring them to justice or, as in the case of North Korea, expose their actions as publicly as possible.

Coordinate with state and local law enforcement—Equip partners to be digitally literate and to conduct investigations at state and local levels; work with the Secret Service to offer training to such organizations around the country.

Read Comey’s speech

John Ginovsky

John Ginovsky is a contributing editor of Banking Exchange and editor of the publication’s Tech Exchange e-newsletter. For more than two decades he’s written about the commercial banking industry, specializing in its technological side and how it relates to the actual business of banking. In addition to his weekly blogs—"Making Sense of It All"—he contributes fresh, original stories to each Tech Exchange issue based on personal interviews or exclusive contributed pieces. He previously was senior editor for Community Banker magazine (which merged into ABA Banking Journal) and for ABA Banking Journal and was managing editor and staff reporter for ABA’s Bankers News. Email him at [email protected]

back to top


About Us

Connect With Us


Webinar: Real-Time Payments in the U.S. Market

Time/Date: June 16, 2021 2:00 p.m. ET

The U.S. has come a long way in its journey to real-time payments, with TCH and Zelle in market and FedNow just around the corner. COVID-19 has accelerated that demand to move to real-time. Yet many financial institutions remain unconvinced of the need to move, with less than 3% of financial institutions signed up today.

In this Banking Exchange hosted webinar Celent’s Gareth Lodge, Senior Analyst, Global Payments, and Alacriti’s Mark Ranta, Payments Practice Lead, discuss the findings in the Celent research report, Real-Time Payments in the US Market: Speeding Up or Slowing Down? A Call to Arms.


This webinar is brought to you by:
Alacriti logo