Meet the FBI's new top cyber cop

Gordon Snow talks about the challenges of cyber counterintelligence and the FBI’s role in federal cybersecurity efforts.

As the FBI’s top cyber cop, Gordon Snow is on the front lines of federal efforts to thwart cyber crime, espionage and potential online terrorist activity.

Snow, who took over as FBI assistant director in charge of the bureau's Cyber Division earlier this year, served in the Marine Corps for more than 10 years and has a master's degree in business administration and law degree. He has held bureau posts in Silicon Valley, Detroit and Afghanistan, which would seem to be the ideal background for someone in his position. In addition, he recently helped draft the government’s Cyber Counterintelligence Plan while detailed to the Office of the Director of National Intelligence, and he has directed the bureau’s National Cyber Investigative Joint Task Force.

But even for someone as prepared as Snow, leading the Cyber Division has to be a challenge. In 2009, the FBI’s Internet Crime Complaint Center Web site received 336,655 submissions. And cyber crime poses special challenges for law enforcement because online perpetrators can use various technologies to hide their identities. The problem is also inherently international, as indicated by the cyber intrusion agents that the FBI has stationed in foreign countries to work side by side with computer investigators.

Snow recently met with Federal Computer Week staff writer Ben Bain to talk about the challenges of cyber counterintelligence and the FBI’s role in federal cybersecurity efforts. The following excerpt has been edited for length and clarity.

FCW: Will the focus of the Cyber Division remain the same with you as chief?

Gordon Snow: [Previous chief Shawn Henry] laid a strong foundation, and as you can understand with technology and cyber being once again the change agent that it is, we change constantly on a day-to-day basis. But that strong foundation he and his predecessors in the Cyber Division have laid is what will remain the standard as we drive forward.

FCW: What does cyber counterintelligence involve?

Snow: We’re looking at what a foreign intelligence service is doing here in the United States and how we can protect against that. So we’re concerned about their access to our people, our organizations and our computer systems.… We’re always watching access to classified networks [and] penetrations of classified networks if they were to take place or if we see somebody moving into a realm where they’re starting to position themselves and we think that may be an issue. In addition, we’re concerned about all the unclassified information that’s out there.

FCW: Have you seen any worrying trends involving cyberattacks by terrorists, other countries or criminal gangs?

Snow: On the criminal side,…instead of going out and harvesting a lot of the personally identifiable information and attacking…one individual, we’ve seen an emerging trend to attack small to medium-sized businesses [and] academic institutions.

FCW: What about the cyber threats related to terrorist groups?

Snow: The first cyber threat is terrorist groups and organizations using cyber as a means for recruitment, radicalization and communication. The threat that we mine down on here in the Cyber Division is them using their capabilities and tools as a point or vector to do damage to critical infrastructure or systems within the United States.

FCW: Is there a certain type of attack that average citizens should be particularly mindful of these days?

Snow: The average citizen should be mindful of everything. If average citizens started out with the fact that there really is no such thing as a secure system, I think they would move themselves far down the road…to computer security. Computer security starts at home, it starts with the individual…. You’re only as strong as your weakest link.

FCW: Are there threats that are specific to federal Web sites or systems?

Snow: When we talk about threats to the government system, we talk about what we can’t patch for. I can’t patch for an individual who receives a socially engineered e-mail, and I don’t have the protocols in place to watch that e-mail, to address that e-mail, or once again to get that education piece out to educate everybody that…clicking on that link that looks like it might be interesting could be my first step to the compromise of the system by downloading the malware that allows the adversary to move throughout my system.

FCW: Is there one threat that rises above all others for federal agencies?

Snow: No, it’s pretty much all cyber, all the time. So situational awareness is key. And while we may see trends of attacks moving from one flavor of the day to another, we definitely need to be cognizant of all threat vectors that come in.… Our corporate partners here in the United States ride on about 85 percent of the network, so we can’t solve this problem alone. No one agency can solve this problem alone.

FCW: What is the FBI's unique role in cybersecurity?

Snow: The FBI is the domestic human and technically enabled intelligence collection agency for the United States. So What we bring to the table is our collection [of intelligence] and our view domestically for all the other agencies in the intelligence community and in the law enforcement community. So I’m there to ensure, No. 1, that I address counterterrorism and counterintelligence [efforts] from the national security side and also from the criminal side.

FCW: How is what the FBI does with its National Cyber Investigative Joint Task Force different from what the Homeland Security Department does in terms of coordination?

Snow: Cyber network operations [are] split into three traditional arenas: cyber network attack, cyber network exploitation and cyber network defense. We would fill that gap that we would call cyber threat investigation. [For example], I’m trying to identify that individual behind the keyboard who's responsible for all the activity.

If it’s in the criminal realm, then I’m trying to find that individual. I’m trying to remove their capabilities, dismantle their organization and bring them to prosecution.

If it’s a national security realm, if it’s cyber espionage, for instance, from a foreign intelligence service or foreign state actor…I’m trying to stop that process; attribute that attack to an individual; [trying] to find out what their tactics, techniques and procedures are; and bring back our response from the United States along with the rest of my intelligence community partners.

If it’s cyber terrorism, then I’m tying to ensure that I impede that attack and stop it before it takes place and then dismantle that organization.… But once again, it’s a complete collaboration [with other agencies].

FCW: What are the big challenges in being able to determine who is behind an attack?

Snow: The challenge is always the same…. It’s very difficult to find positive attribution. On the national security side, the FBI and its partners from the U.S. government have made tremendous progress, and many of the investigations [have] identified actors that we believe are associated with different entities throughout the cycle that we discussed. On the criminal side, we’ve made tremendous progress even in the last two years.

 

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.