SoylentNews is people
SoylentNews
Not so IDLE hands: FBI program offers companies data protection via deception
The Federal Bureau of Investigations is in many ways on the front lines of the fight against both cybercrime and cyber-espionage in the US. These days, the organization responds to everything from ransomware attacks to data thefts by foreign government-sponsored hackers. But the FBI has begun to play a role in the defense of networks before attacks have been carried out as well, forming partnerships with some companies to help prevent the loss of critical data.
Sometimes, that involves field agents proactively contacting companies when they have information of a threat—as two FBI agents did when they caught wind of researchers trying to alert casinos of vulnerabilities they said they had found in casino kiosk systems. "We have agents in every field office spending a large amount of time going out to companies in their area of responsibility establishing relationships," Long T. Chu, acting assistant section chief for the FBI's Cyber Engagement and Intelligence Section, told Ars. "And this is really key right now—before there's a problem, providing information to help these companies prepare their defenses. And we try to provide as specific information as we can."
But the FBI is not stopping its consultative role at simply alerting companies to threats. An FBI flyer shown to Ars by a source broadly outlined a new program aimed at helping companies fight data theft "caused by an insider with illicit access (or systems administrator), or by a remote cyber actor." The program, called IDLE (Illicit Data Loss Exploitation), does this by creating "decoy data that is used to confuse illicit... collection and end use of stolen data." It's a form of defensive deception—or as officials would prefer to refer to it, obfuscation—that the FBI hopes will derail all types of attackers, particularly advanced threats from outside and inside the network.
(Score: 1, Interesting) by Anonymous Coward on Saturday December 21 2019, @12:12AM
President Trump out Barron in charge of the cyber, and with his help the FBI has put an end to it.
(Score: 1, Insightful) by Anonymous Coward on Saturday December 21 2019, @01:40AM (1 child)
Nice junket that.
"Illicit Data Loss Exploitation"... So people are supposed to believe that if the FBI puts a backdoor in their network, that this is going to make them... safe?
This sounds more like a pilot program for compelled state interference in companies that have experienced past breaches. So whose exploiting whom because of "illicit data loss" ?
Want to unfuck Internet security? Get rid of pretty much every judge on the federal court of appeals. Because most of the fuckage is a result of totally corrupt decisions that came from them. You can't have good architecture, if bad architecture is preserved every step of the way. And that has been the case history from the appeals courts since Sun v. Microsoft back in the 1990's.
(Score: 1, Insightful) by Anonymous Coward on Saturday December 21 2019, @02:38AM
That actually makes more sense. The FBI has historically been an enemy of internet security, known to bribe people to put back doors into critical security software. There was a break-in at linux.org years ago that might have been them, too.
(Score: 2) by Freeman on Friday December 27 2019, @03:52PM
The FBI has a reason to exist, they pursue criminals across the United States where it would be difficult for a local state authority to do that. As far as I've heard the NSA just hoovers up our data, because National Security. Yeah, how about sticking your nose elsewhere.
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"