The beautiful five-year-old FBI German shepherd (above) who greeted attendees of FBI Director Robert Mueller's speech today at The Commonwealth Club (below). Photos by John Zipperer.
It's not every day that attendees at San Francisco's famed Commonwealth Club are greeted at the door by a large German shepherd, but it's not surprising when those attendees were showing up to hear the director of the FBI, Robert Mueller, talk about cyber security. (Well, except for the folks who showed up for the German foreign-language discussion group; they were a bit more surprised.)
Mueller started his talk by noting that he had been the victim of an online phishing scam; he had received an e-mail that looked like it came from his bank and was asking to confirm his account information. Faster than you can yell at the heroine in a horror movie "Don't go into the woods!", our nation's top crime fighter fell for the scam and compromised his security. He said he told his wife (who was also present at his speech) that he considered the experience to be a "teaching moment," but she told him she didn't need the teaching moment -- and he was banned from using online banking.
He later noted, "I do not have a Facebook page." But Mueller's personal aptitude on the internet wasn't the issue. He came to talk about all that the FBI is doing to combat cyber crime. That includes working with police departments around the world -- even "embedding" FBI agents in some Eastern European countries' police forces to help them fight cyber crime.
During the question-and-answer session, Mueller was asked whether the FBI has any hackers working for it, using their skills to help fight other hackers. Mueller said the bureau did not employ any hackers, and after illegal hackers are caught and serve time in jail, they should not look forward to good jobs using their skills.
His comments reminded me of the response I received to a similar question when I interviewed security guru Peter Tippett in the June 1, 2001, issue of Internet World magazine. (Alas, IW's archives are no longer available online; I still have the interview, however, and will try to post it to my main web site soon.) I asked Tippett, who had done considerable amounts of consulting work with various government agencies as well as private firms, if he'd ever consider hiring hackers to help him in his efforts, and he flat-out said no. He said that such people believe all information should be free -- including your credit card information and other private information -- and he doesn't want such people working for him.
Of course, the assumption behind the question is often that illegal hackers have some important talents that are not possessed by people in the online security and law enforcement fields. That's simply not true, but people often ask the question in ignorance, which is fueled by high-profile cases of online criminality, while they know little about the countless cyber crimes that are thwarted every single day.