Co-author of Hacking Exposed, George Kurtz. Photo: Fairfax and Bloomberg
The FBI's former top cyber cop has taken a job with a start-up company to help protect private-sector computer networks that he says are already under constant attack with intrusions.
Shawn Henry recently left the FBI after more than 20 years with the bureau. He said he decided to work at California-based CrowdStrike to fill a void in protecting private sector networks. The federal government is responsible for protecting military and government networks, but there is no one - except CrowdStrike's business rivals - charged with protecting the private sector dotcom domain, Henry said.
"The government's not doing anything, that's the problem," Henry said in an interview with The Associated Press. "There's no authority for the government to monitor the traffic in the dotcom space."
In his role as the executive assistant director of the criminal, cyber, response and service branch of the FBI, Henry said he saw intelligence about private networks constantly under attack.
"Every single private sector entity that has any intellectual property, any (research and development), that has any type of business" is either currently being probed by people who shouldn't have access to the information or will soon be breached, Henry said. "That's absolutely happening."
CrowdStrike was founded by George Kurtz, the former chief executive officer of Foundstone, which was acquired by anti-virus company McAfee. Kurtz and Dmitri Alperovitch, a former McAfee vice president and threat researcher left McAfee last year and in February launched CrowdStrike with details of the first drive-by smartphone exploit.
The US Congress is considering several proposals to enhance the security of cyber networks. Proposals would bolster the government's ability to regulate the computer security of companies that run critical industries.
The bills are designed to boost cyber security against the constant attacks that target US government, corporate and personal computer networks and accounts. Authorities are increasingly worried that cybercriminals are trying to take over systems that control the inner workings of water, electrical, nuclear or other power plants.