Justice official: Info sharing is the best revenge

Shutterstock image (by deepadesigns): security concept image displaying an illuminated padlock.

Cybersecurity officials from the departments of Homeland Security and Justice are stressing the importance of continued collaboration to keep cyberattacks at bay.

"If you get hit, call somebody and start talking" to commercial or federal cybersecurity experts, said Brian Varine, chief of the Justice Security Operations Center. "Sharing information drives up the costs for attackers." He made the remarks at an ISMG Fraud and Breach Prevention Summit on May 18.

"It's too bad they got in, but [sharing information] is your revenge," he added.

Phyllis Schneck, deputy undersecretary for cybersecurity and communications at DHS' National Protection and Programs Directorate, echoed those sentiments and urged the audience, made up largely of private-sector corporate and IT managers, to help her agency build defenses to protect everyone.

The agency's National Cybersecurity and Communications Integration Center serves as the hub for collecting and distributing threat indicators from business and government IT operations. NCCIC includes the Automated Indicator Sharing system.

Through programs such as Continuous Diagnostics and Mitigation, Einstein and others, Schneck said DHS is building a cyber body that can automatically repel infections just like the human body. To do that, she said private-sector input about malware, viruses and other electronic attack methods is crucial.

She added that DHS officials are concerned about ransomware, which locks a user's computer and the data on it until funds are transferred electronically to the attacker.

"There is no guarantee they'll unlock anything," she said. "But it's not just data." Attackers have begun extending the "ridiculous amount of control" that the malware can convey to other areas, such as hospital patient records. Schneck warned that medical devices could also be targeted.

The re-emergence of ransomware in the past couple of years shows that some tactics remain the same but have more computing power behind them. The threat indicators for ransomware attacks are the same as those for other malware-based threats, and they could be blocked if more indicators are catalogued and sent to the government and the private sector, she said.

"If we could push out indicators, we could put a dent in ransomware," she said.

About the Author

Mark Rockwell is a senior staff writer at FCW, whose beat focuses on acquisition, the Department of Homeland Security and the Department of Energy.

Before joining FCW, Rockwell was Washington correspondent for Government Security News, where he covered all aspects of homeland security from IT to detection dogs and border security. Over the last 25 years in Washington as a reporter, editor and correspondent, he has covered an increasingly wide array of high-tech issues for publications like Communications Week, Internet Week, Fiber Optics News, magazine and Wireless Week.

Rockwell received a Jesse H. Neal Award for his work covering telecommunications issues, and is a graduate of James Madison University.

Click here for previous articles by Rockwell. Contact him at or follow him on Twitter at @MRockwell4.


  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.