In 2007, as the nation continued to adjust to a high-security paradigm forged in the aftermath of 9/11, the current assistant attorney general for national security, John Carlin, was tasked with helping then-FBI director Robert Mueller draft a speech identifying the new face of terror.
The speech, which was delivered at Penn State University, predicted that in coming years threats to the nation’s critical infrastructure, financial institutions and personal safety could come in the form of cyberattacks rather than overt acts of violence.
It also predicted those threats could materialize from nation-states seeking a financial gain or lone hackers with an an ax to grind. It recommended that the country’s best bet was to forge public and private collaborations to keep attacks at bay.
Seven years later, as Mr. Carlin returned to Western Pennsylvania to discuss the same topics, much has changed, but far more than he would like has remained the same.
“In returning here I’m struck by how much progress we’ve made in seven short years, but also on a sober note, by how much more needs to be done to confront this threat,” he said to a crowd of approximately 100 gathered at Carnegie Mellon University’s Software Engineering Institute in Oakland.
Mr. Carlin, who is fresh off leading the May indictment of five Chinese military officers for hacking incidents that stole trade secrets from five Pittsburgh-based companies including U.S. Steel and Westinghouse, was called back to the area by the White House Business Council, Pittsburgh Technology Council, Carnegie Mellon University and Business Forward to explain the nation’s progress against cybercrime and the obstacles to fighting the threat.
Mr. Carlin has worn several hats within the Justice Department’s National Security Division. Prior to serving as assistant attorney general, Mr. Carlin was principal deputy assistant attorney general and chief of staff of the Justice Department’s National Security Division.
As a federal prosecutor, Mr. Carlin was national coordinator of the Computer Hacking and Intellectual Property program, a collaboration between 240 assistant U.S. attorneys and prosecutors that trained them to address cybercrime, intellectual property and the collection of digital data.
In an update of cyberespionage plots tied to Pittsburgh, Mr. Carlin said national security charges filed against five members of China’s People’s Liberation Army are still on the books. He also said criminal charges filed in Pittsburgh and Omaha, Neb., related to a malicious software network called “Gameover Zeus,” which was designed to steal banking credentials, remain in place and that communications between infected computers have been halted.
While outlining some of the Justice Department’s key victories, Mr. Carlin said Pittsburgh has been a central player in the wins.
He noted the FBI Fusion Center, which serves as a central meeting point for federal agencies, software companies, Internet service providers, merchants and members of the financial service sector to discuss threats, share information and combine resources to battle cyber crime. And he said the South Oakland-based National Cyber Forensics Training Alliance, which brings public, private and academic experts together to find and eliminate cyberthreats, has aided in the prosecution of more than 300 cybercriminals.
Although he said private and public sector collaborations were on the rise, he said cooperation must increase. Quoting a 10-year anniversary report filed by the September 11 Commission, he said he hopes the nation’s businesses take heed of the warning before it’s too late.
“The commission concluded that one lesson of 9/11 was that ‘as a nation Americans, did not awaken to the gravity of terrorist threat until it was too late.’ History may be repeating itself in the cyberrealm,” he said.
Deborah M. Todd: firstname.lastname@example.org or 412-263-1652. Twitter: @deborahtodd.
First Published July 30, 2014 12:00 AM