This week on The Cowbell Factors, we welcomed two guests from the FBI Memphis Field Office: Special Agent in Charge Doug Korneski and Special Agent Andre Edwards.
SAC Korneski and SA Edwards come from different backgrounds, but their experiences have converged in the FBI Memphis Field Office. SAC Korneski brings over 20 years of experience with the FBI, from leading the Office of Private Sector to standing up Infragard, and now being in charge of all FBI operations in middle and western Tennessee. SA Edwards has been in the Memphis Field Office for four years and specializes in specific cybersecurity threats like ransomware, malware, and business email compromise. He is also Task Force Coordinator for the cyber squad and is a cyber field instructor.
The FBI is launching a broad-based cybersecurity awareness campaign across the country that is focused on potential cyber threats facing government institutions and private sector organizations. The campaign is also being localized in middle and western Tennessee in the form of information-sharing, media engagement and speaking opportunities to increase public awareness about the FBI’s cyber mission and best practices when it comes to reporting incidents to the FBI. SAC Korneski quotes his Assistant Director: “Cyber risk is business risk and cybersecurity is national security. Together, we can defend America’s values – ingenuity, critical infrastructure, business equities – through our robust and enduring partnerships.”
It is important to note that cyber threats today look different than they have in the past, and they are constantly evolving and becoming more sophisticated. SAC Korneski offers his perspective on how cyber threats have changed over the last 20 years, which is about the same amount of time as his tenure with the FBI. Just as the cyber threat landscape is becoming more complex and advanced, so too is the FBI’s capability to support victims and respond to incidents. “One thing that has remained the same is that the FBI is at the center of cyber threat information to provide support to victims and ultimately impose costs on the cyber criminal,” says SAC Korneski.
Expertise as well as experience are growing in the FBI cyber arena. SAC Korneski proudly reports that “Last year alone, our internet crime complaint center recovery asset team stopped over $380 million from being stolen from individuals and businesses…last February, the FBI seized over $3.6 billion, with a ‘b’, cryptocurrency linked to an illicit hack.” That said, the FBI is not working alone to achieve these feats: “When you engage with the FBI, you’re leveraging all of our symbiotic relationships with law enforcement and intelligence, community partners, counterparts and foreign governments around the world, our robust and growing network within the private sector.”
Working directly with ransomware incidents, SA Edwards encourages businesses of all sizes to proactively foster a relationship with their local FBI office. If a business or an individual is faced with a cyber incident, early reporting to and engagement with the FBI could make a huge difference in terms of paying the ransom and decrypting the data. Furthermore, having an incident response plan and backups (including offline backups) are key pieces of an organization’s defense against cybercrime. Cyber criminals are very sophisticated these days and can take the form of an individual, all the way up to a criminal enterprise.
Top cybercrimes facing small and medium-sized enterprises, specifically, include business email compromise, credential harvesting/phishing attacks and ransomware/malware. Of late, these attacks have been exacerbated by the proliferation of cryptocurrency. The instantaneous nature of cryptocurrency payments speeds up the payment exchange process and can make it more difficult for ransom payments to be intercepted. That said, cryptocurrency payment information being accessible on the blockchain can aid tracking and analysis.
When it comes to education and amplification of these issues, SA Edwards observes, “One thing that the FBI has that other organizations do not have is international reach…so we have an FBI representative in 70 other countries and with cybercrime being borderless, we need to have access to internet service providers and individuals in those countries.” The FBI’s “international relationships”, “unique legal authorities,” and “56 field offices and numerous sub-offices” all work together to maintain and share critical information at speed to support victims of cybercrime and assist with their recovery process.
If you are interested in hearing SAC Korneski and SA Edwards discuss these topics and more, listen to the full podcast episode.
Visit the Cowbell Factor Podcast library to listen to last season’s episodes and stay up to date on upcoming ones. It is available on most podcast platforms (iHeartRadio, Spotify, Google podcast, Apple podcast, Anchor and Radio Public).