Author: MIL-OSI Publisher

Remarks prepared for delivery.

Thank you, Peter. I do wish we could be together in person, but COVID has of course forced us all to find new ways of getting together. And new ways of doing business. And we’re not alone. It turns out, unfortunately, that the pandemic has led criminals to new and creative ways of doing business, too.

I’d like to talk to you today about some of the top financial crime threats and trends we’re seeing at the FBI, what we’re doing to counter those threats and stop those trends. I’ll also share some thoughts about what all this means for banks.

Let’s start with a prototypical fraud example from this past year. It’s one you may have heard of: As most of you know, the Paycheck Protection Program (PPP) allows businesses to borrow up to $10 million to, essentially, make payroll and keep their employees working. Last April, a man named Maurice Fayne, who owns a business called Flame Trucking, applied to United Community Bank for a PPP loan.

Mr. Fayne wanted United Community Bank to disburse $3.7 million to him. And to get it, Fayne certified to the bank that his business employed 107 people and had an average monthly payroll of nearly $1.5 million. Fayne said that the loan proceeds would be used to pay workers and ongoing business expenses. Based on the representations in Fayne’s application, the Georgia-based bank funded a loan of more than $2 million.

Within days, Fayne, who also starred in the reality TV program Love & Hip Hop: Atlanta, allegedly used those funds to purchase $85,000 in jewelry, lease a Rolls Royce, and pay $40,000 in child support. Oh, and he dispersed another $230,000 to associates who helped him run a Ponzi scheme. Needless to say, that’s not the kind of “payroll” contemplated by the CARES Act.

Fayne’s now been charged with bank fraud, making a false statement to a federally insured financial institution, and money laundering. And we’re in the process of seizing $700,000 back from him.

As this audience likely knows, PPP loan applications must be processed by a participating financial institution. If a PPP loan application is approved, the lender funds the loan using its own money, which is 100% guaranteed by the Small Business Administration (SBA).

The good news for United Community Bank, and other banks like it, is that PPP loans are guaranteed by the SBA even if the borrower’s application turns out to have been based on fraud. The SBA will review the loan to ensure the lender followed the program rules in approving and servicing the loan, and if so, will purchase the loan from the victim bank.

The bad news, as a lot of you know, is the immense cost in time and resources that frauds like this impose on banks like United Community Bank. CARES Act frauds have highlighted the burdens and challenges that financial institutions face when trying to undo the damage done by the fraudsters. And for banks in particular, it takes time and energy to prove on the back end that they did their part at the due diligence stage.

At bottom, illicit actors are opportunists. So it’s no surprise that they would attempt to exploit the global COVID pandemic to enrich themselves. That’s why one theme I’ll return to again and again today is the vital importance of working together—law enforcement, regulatory agencies, and the private sector—to stop criminals from defrauding our banks and otherwise abusing the financial system to advance their crimes.

Financial Crime Trends

When it comes to evolving technologies, criminal actors have all too often been quick studies in an effort to stay one step ahead of law enforcement. Financial crimes are no exception. Over the past nine months, emerging financial crime trends have revolved around COVID fraud and CARES Act stimulus funds—fraud involving unemployment insurance, PPP loans, and Small Business Economic Injury Disaster Loans. The FBI’s Internet Crime Complaint Center, or IC3, which allows the public to report suspected internet-facilitated criminal activity to the FBI, has received more than 26,000 complaints specifically related to COVID-19 fraud schemes. That’s 26,000 fraud complaints—and you can bet banks are roped in, one way or another, in just about all of them.

In response, we’ve established a COVID-19 Fraud Response Working Group with the Department of Justice, other law enforcement partners, and civil regulators. The group is going after criminals trying to exploit this pandemic to make a quick buck. In one well-publicized case, former NFL Player Joshua Bellamy was charged with wire fraud and bank fraud for conspiring to obtain millions of dollars in fraudulent PPP loans. A bank disbursed to the former New York Jet—and as a Giants fan, I feel compelled to stress that he was a New York Jet—a $1.2 million loan for his entertainment company.

As charged, he then used the proceeds to spend more than $100,000 on Dior, Gucci, jewelry, and tens of thousands more at the Seminole Hard Rock Hotel and Casino in Hollywood, Florida. But that wasn’t enough. Bellamy was allegedly so pleased with this fraud scheme that he looped in his friends and family. And in the end, the scheme involved the preparation of at least 90 fraudulent applications and bank payouts of at least $17.4 million. That means banks are on the hook for that $17.4 million unless or until they can prove to the SBA that they diligently followed the program rules in approving and servicing those loans.

In addition to COVID-related fraud, we’re seeing a range of other fraud schemes, and one thing that we’re seeing across them is the use of money mules. As this audience is acutely aware, criminals often use money mules—that is, middlemen—to deposit illegally acquired funds into bank accounts. Money mules pass funds through wire transfers or virtual currency to add another layer between criminals and victims. Why? To make it that much harder for both banks and law enforcement to follow the trail. That’s why it’s absolutely essential that banks and law enforcement work together to fight back.

And with help from financial institutions, we are fighting back. Just last week, the Justice Department announced the results of an initiative that took action against more than 2,000 money mules. Two thousand. These individuals help victimize everyone from veterans to grandparents, and they put banks right in the middle of it all.

The opportunism doesn’t end there. With a growing number of people doing most of their shopping from home to avoid COVID, we’ve seen a rise in e-skimming, where hackers steal personal and payment information as consumers shop online. They then use that information to make fraudulent purchases themselves. Or they sell it to someone who will.

Financial institutions, like credit card companies, can then find themselves on the hook. Our private sector partners indicate that e-skimming attacks have grown by at least 20% during the pandemic. We also continue to see a rise in synthetic identity fraud, where large amounts of personal data stolen during an online breach are combined with false information to create new identities. Fraudsters use these synthetic identities to apply for credit, eventually establishing credit history and higher credit limits. Just one bad guy can accumulate hundreds of accounts simultaneously, using techniques like credit piggybacking to accelerate the accrual of higher credit limits. And all this financial fraud then lands at your doorstep.

Money Laundering

Along with these emerging trends in financial crimes, money laundering schemes continue to underpin many of our investigations. We’ve identified money laundering networks that support otherwise unrelated criminal networks, including a mix of international criminal organizations and national security threats. We’re also seeing things like trade-based money laundering, which uses trade transactions to disguise criminals’ ill-gotten gains. To combat these phenomena, we’re working with other government agencies, financial institutions, and other private sector partners. We’re engaging with leaders, like you, in the banking and technology industries to enhance the FBI’s capabilities and exchange information. And we’re using technology to help make the most of the copious data that financial fraudsters can’t help but produce.

Platforms like IC3 give us the ability to ingest large amounts of data and identify and analyze fraud patterns that may not be visible to a complainant. For instance, a fraud victim in one city can be matched up to a pattern of similar fraud victims across the country through analytical reviews of data sets—allowing us to broaden our investigations and identify other potential subjects.

Our field offices also have Suspicious Activity Report (SAR) working groups that comb data to identify new threat patterns in their area. These types of analyses help our field offices to both stay well-informed and be more efficient in fighting financial crime.

Staying ahead of the threat requires leveraging our technological resources to their greatest potential. So we continue to look for creative ways to transform our data sets into actionable intelligence and investigations. Bank Secrecy Act (BSA) data is a great example where the public/private partnerships help us combat criminal activity in the digital age. The financial intelligence generated by BSA reporting is critical to law enforcement’s investigation and prosecution of both criminal activities and national security threats. Information from SARs, Currency Transaction Reports, Reports of International Transportation of Currency or Monetary Instruments, and other BSA reporting can also help law enforcement agencies see the broader picture of a criminal network. That data allows us to map networks, trace funds, and ultimately, thwart fraud and protect banks and other victims.

Take SARs. SAR narratives capture an incredible range of conduct. Let’s say a foreign institution establishes a U.S. bank account in order to conduct illicit transactions in U.S. dollars. Law enforcement can use reports of these correspondent bank transactions to follow financial trails, investigate specific individuals and entities, identify leads, connect the dots, and advance investigations.

Virtual Currencies

We and our partners aren’t the only ones recognizing the need for creativity and innovation. Our success in working with banks to fight money laundering schemes means criminals are finding innovative ways to exploit new technologies to “clean” dirty money. Virtual currencies enable the almost instantaneous transfer of value to a recipient anywhere in the world. In some cases, though, there is then very little “paper trail” to follow should an investigation become necessary. And this issue is exacerbated by cryptocurrency tumblers—that is, services that mix tracked and clean cryptocurrencies to hide transactions and hinder law enforcement’s ability to track open ledger currencies, like Bitcoin.

As this technology proliferates, banks are becoming more comfortable with a legitimate virtual asset risk profile as part of their business. In July, the Office of the Comptroller of the Currency issued a public letter allowing any national bank to hold the cryptographic keys associated with cryptocurrencies in what are essentially virtual vaults, just as they’d hold stock certificates for investors. Like banks, payment processors are also increasingly comfortable integrating virtual assets. PayPal, for example, now supports several cryptocurrencies, enabling users to buy, hold, and sell cryptocurrency directly through PayPal. And by early 2021, PayPal plans to allow customers to use crypto assets within its merchant network to pay for goods and services.

It should be no surprise, then, that as various legitimate uses of virtual currencies become more common, these currencies have also moved to center stage for criminals. We now see predatory actors using virtual assets across all criminal platforms to launder illicit funds. And legitimate users of cryptocurrency markets and exchanges have now become tempting targets for both criminal and nation-state actors. That’s because stolen funds can be instantly transferred, and there’s no central banking entity that can immediately freeze assets and pay victims.

We see actors across a wide range of threats using virtual currencies to purchase criminal tools like botnets, launder their illicit proceeds, evade sanctions, and otherwise try to prevent us from “following the money” back to them. Virtual currencies also enable additional anonymization tools like malware-as-a-service and other dark market criminal products that make tracing illicit activity that much harder. This kind of thing used to be limited to sophisticated adversaries. But now, even relatively unsophisticated actors are using virtual currencies to cloak their activities. That proliferation requires our agents and analysts working almost every type of case to be able to recognize virtual currencies; apply sophisticated analytic techniques and tools; and use them to obtain evidence and develop leads. All this has required a significant investment in resources and training for our investigators and analysts.

As a result, the FBI has developed deep expertise in virtual currencies. We’re now getting advanced analytic techniques and tools into the hands of our professionals investigating everything from child exploitation to public corruption. And we’re drawing connections from work we do across a range of investigations to help map illicit payment networks. We’re being creative—seizing virtual currencies when appropriate, working with foreign partners to follow criminal trails overseas, and collaborating with our colleagues at other investigative agencies, the SEC, the Commodity Futures Trading Commission, and of course DOJ to stay on top of threats as they evolve. We’re also collaborating with the financial industry and with academics, both to further advance our understanding and use of existing technology, and to proactively position ourselves to see what’s on the horizon.

Technology affects every kind of threat we face. Criminals, terrorists, and nation state actors will all continue to use technology to try and anonymize and facilitate illicit activity. Which is why we must continue to invest in our own technological resources to ensure that we’re staying ahead of each threat.

Partnerships

That brings me to perhaps the most important section of my remarks: partnerships. Moving forward, we’ve got to use our respective strengths to work toward a common purpose: keeping our economy, our citizens, and our companies safe, secure, and confident in a digitally connected world.

We’ve got to find even more ways to work together, public and private sector. It’s not just the best option, it’s really the only option. The FBI has a long history of cooperating with law enforcement and private sector partners across the globe to confront complex criminal threats. That kind of team approach is how we’ll successfully combat financial crime. We’re exchanging valuable information with the private sector through conferences like these, and our daily discussions with corporate partners are also informing our strategic focus, by making sure we know what threats most concern you.

Overseas, we’ve got legal attachés sharing intelligence and building partnerships with both foreign law enforcement and security services and enabling a virtuous cycle of cooperation. We pass information developed through our investigations to our foreign partners, including warnings about frauds perpetrated against financial institutions and American citizens. Our partners who respond to those leads can in turn provide us with more information about the threats we all face. That information feeds our global investigations and helps us discover even more indicators the private sector can use to mitigate these threats. It also provides us with more arrest opportunities, allows us to recover more illicit funds, and it puts us in a position to generate more information to pass back to our partners in a true virtuous cycle. We’re making significant strides, we’ve had a number of successes, but we still need to collaborate even more.

You’re bringing expertise to the table. You know the risks to your institutions, you’re identifying the fraudsters, and you’re going to see emerging threats coming down the road. At the FBI, we have unique expertise too. We’re able to perform analysis and combine that with the intelligence we collect to alert you to what we’re seeing out there and how these emerging frauds can affect your financial institutions.

In turn, we need financial institutions to continue to work with us through SARs and other means and to work with our field offices to initiate cases. Which is why I hope you have a strong working relationship with the special agents and special agents in charge working in your communities. If you don’t, I encourage you to work with them to talk about your concerns and let us know how we can best help you. We now have private sector coordinators in every FBI field office. If you haven’t met that person in your city, you should make the connection.

Early notification to law enforcement can limit your losses and those of your customers. And we can respond a lot faster in times of crisis if we already have a relationship with you—if we already know your facilities and your people. As the old saying goes, the best time to patch the roof is when the sun is shining. We’ve got to keep helping each other, so we can protect each other from threats we all face. And we must place an even greater emphasis on information sharing than ever before.

* * *

Technological advances give financial criminals the means to commit crimes in new and nefarious ways. But when it comes down to it, it’s the same as it ever was: It’s all about the money. Criminals will go after it any way they can. And they never let a crisis go to waste. This pandemic has been no exception. And they’re going to exploit this environment in ways that offer the least chance of getting caught—anonymously, from behind a keyboard.

As illicit actors become more sophisticated and have greater access to technology, it means we have to be smarter and quicker about preventing and stopping fraud. The good news is that while financial criminals have access to more technological tools and institutions than ever before, we do too. And we have each other. You’re innovating, and we, too, will continue to evolve to counter the actors where they operate.

I want to thank you for your insight and your expertise as we continue to work together to combat ever-evolving financial crimes. I’ll end with a call to action. Please engage with the FBI and your local field offices. We need to keep finding ways to help each other.

Thank you. Happy to take a few questions.

Remarks prepared for delivery.

It’s an honor to be here to talk about how the FBI is fighting the ever-evolving cyber threat.

I do wish we could be together in person, but COVID has of course made us all have to find new ways of getting together. And new ways of doing business.

There’s a lot of talk about “pivoting” today. It’s become kind of a COVID-era buzzword.

Pivoting to host conferences, like this one, virtually. Businesses pivoting to meet the changing needs of customers.

But I’m sure many of you would say that’s nothing new.

Organizations that stand the test of time know that pivoting is crucial to staying relevant and being successful.

In his book, The Infinite Game, author Simon Sinek gave a great example—and a fitting one for a forum discussion.

The Swiss company Victorinox has been around since 1884. Everyone knows Victorinox as the maker of the Swiss Army knife.

But after September 11, we faced new restrictions on what people could carry on airplanes, and sales of Swiss Army knives declined dramatically.

Victorinox didn’t crumble, though. They pivoted to making travel gear, watches, and fragrances—a change that has helped the company nearly double its revenue compared to the days before 9/11. And that’s because they proved themselves both agile and resilient.

At the FBI, we have a track record of being able to pivot when necessary, too. Like when we changed gears to focus on organized crime in the 1970s and 80s or terrorism after 9/11.

We’ve brought that same approach to protecting the American people—and our businesses—from foreign cyber operations and significant cybercrime.

And it’s not just the FBI, of course. The whole cyber community has evolved, together, to meet this changing threat.

We all understand that the old approach of tackling the cyber threat one case at a time isn’t going to cut it.

We’ve got to take an enterprise approach—one that involves government agencies, private industry, researchers, and nonprofits, across the U.S. and around the world.

And we’ve got to use our respective strengths to work toward a common purpose: keeping our countries—and our companies—safe, secure, and confident in a digitally connected world.

I want to talk today about the FBI’s new cyber strategy. And about the importance of working together to tackle the cyber threat as a global community. And then I’m looking forward to a conversation that dives deeper into some of these topics.

FBI Cyber Strategy

At the FBI, we’ve been fighting the cyber threat for many years now.

We began our early high-tech crime effort in the mid-1990s, and created our Cyber Division in 2002.

We’ve become known for our efforts to call out destabilizing and damaging cyber activity by nation-state actors.

Like when we announced charges last month against the Russian intelligence officers behind the most destructive cyber campaign ever perpetrated by a single group, including the NotPetya and Black Energy attacks. Along with the Olympic Destroyer malware, and other outrageous misconduct, that together caused havoc in global shipping, power, public health, and the Olympic Games.

But we are also particularly focused on the threat posed by cyber criminals.

Schemes like ransomware have always caused disruption and financial loss, but today they’ve escalated to a whole new level—shutting down schools, interrupting key governmental services, crippling hospitals, and threatening critical infrastructure.

We’re putting our new cyber strategy in place to stay ahead of this ever-evolving threat landscape.

Just like we’ve done throughout our 112-year history of fighting crime and terrorism, our goal is to impose risk and consequences on bad actors in cyberspace—whoever and wherever they are.

Put more bluntly: We want to make it harder and more painful for hackers and criminals to do what they’re doing.

An essential prong of the strategy is to leverage our enduring partnerships—in both investigating cybercrime and raising the costs to criminal actors.

That means we’re leveraging the information we obtain through our investigations to also enable our partners to take action.

For those less familiar with the U.S. system, the FBI is America’s premier federal investigative service.

And within our government’s cyber ecosystem, the FBI focuses on threats. Not just investigating discrete incidents but making it our business to understand who and where our cyber adversaries are, how they operate, and how we can weaken them.

Our partner-focused strategy means that in addition to fueling criminal prosecutions, information from our investigations gives treasury officials the means to cut criminals off from the global financial system.

It gives our global law enforcement partners the means to seize malicious infrastructure and locate and arrest criminals hiding in their jurisdictions.

And, vitally, that information arms private-sector network defenders around the world with technical indicators they need to protect themselves, as well as the ability to shut down criminal infrastructure, and kick bad guys off their platforms and networks.

The point isn’t who claims credit. It’s achieving safety, security, and confidence, for all of us, in our digitally connected world.

We have a long history of cooperating with law enforcement and private-sector partners across the world to confront complex cybercrime threats.

Think of our disruptions of the Kelihos botnet in 2017, worldwide business email compromise scams in Operation WireWire in 2018 and ReWired in 2019, and the major cybercrime money laundering group QQAAZZ just last month.

And we’ve been cultivating the partnerships we rely upon today for longer than that.

Some of you will recall the 2016 effort to disrupt the cybercrime infrastructure-as-a-service network called Avalanche, which enabled more than two dozen of the world’s most pernicious malware variants.

That herculean effort included contributions by investigators in more than 40 jurisdictions, Europol, the Shadowserver Foundation, a German research institute, ICANN, national CERTs, and domain registries around the world.

And we’ve continued to build from there. More and stronger partners, focused together on stopping and deterring those who would attack us.

Global Partners Standing Together

We’ve got to continue to work together as global partners. That’s not just the best option, it’s the only option.

That team approach, especially with the private sector, is central to how we’re addressing cyber in today’s FBI.

So we’ve created unique hubs where members of the cyber community can work alongside each other and build long-term, trusting relationships.

For example, we’re now co-located with U.S. and international partners in industry, academia, and the financial sector as part of the National Cyber-Forensics and Training Alliance in both Pittsburgh and New York City.

That effort has been so successful that we’ve expanded it—we now also partner with companies in the defense sector, through our National Defense Cyber Alliance

We’re exchanging valuable tactical information with the private sector in those forums and elsewhere, but our daily discussions with corporate partners are also informing our strategic focus, by making sure we know what threats most concern them.

Overseas, we’ve got legal attachés around the world and skilled cyber agents in embassies sharing intelligence and building partnerships with both foreign law enforcement and security services—and enabling a virtuous cycle of cooperation.

We pass information developed through our investigations to partners abroad—including warnings about intrusions at victim companies and institutions.

Our partners who respond to those leads can then in turn provide us with more information about the threats we all face—feeding our global investigations, helping us discover even more indicators the private sector can use to mitigate the threat, more malicious infrastructure we can target ourselves or notify private sector partners of, more arrest opportunities, which leads us to more useful information to pass back to our partners, and so on.

We’re helped by the fact that so many of the companies we deal with are multi-national themselves—able to take information and make global use of it, and able to provide us with a global view of the threats they face.

We’re taking all the tools at our disposal and bringing them to the table, so that we can fight this threat together.

As the members of the forum know well, we’ve all become hyper connected.

And that has empowered people the world over—the good guys and the bad guys alike.

Because today’s economy lives, in large part, in the digital realm. And the more we expand our global footprint, and the more we do business in other countries, the more we can achieve, together. But, at the same time, the more risk we assume on the cyber front.

That’s why we can’t take our collective eyes off the cyber threat landscape. We can’t hold back from building on our connections. We’ve got to keep moving forward.

We’ve got to keep helping each other, so that we can protect each other against threats we all face together.

And we’ve got to place an even greater emphasis on partnerships and information sharing than we ever have before.

* * *

We won’t make any headway if we’re each off doing our own thing, because our adversaries rely on gaps in our community.

They like it when we’re not sharing information—when one player doesn’t trust the other.

We’ve got to keep building strong relationships with old allies and new partners alike.

We’ve got to learn to pivot where we need to.

And we’ve got to find innovative solutions to new problems if we want to maintain an edge against our adversaries in the cyber world.

At the FBI, we’re proud of our history of innovation—of more than a century of adapting and evolving to meet changing threats.

And there’s no issue requiring more imagination and willingness to evolve than in cyber.

I was excited to learn about the forum’s Partnerships Against Cybercrime study and pleased that experts from our Cyber Division participated.

We’ve got to continue to innovate and cooperate to generate outcomes much faster than was previously possible.

I’m hopeful that the report’s recommendations will keep us moving toward the trust, agility, scale, and speed we need in our partnerships to truly impact the cybercrime threat.

And I’ll end by leaving you with a call to action. If you haven’t already, please engage with private and government partners in this fight.

Invest in one of the “nodes” the report contemplates. Find ways to join your cybersecurity experts with like-minded experts from other industries and sectors—and we’ll make each other stronger.

The FBI is ready to play.

Thank you for your willingness to hear from me today.

Remarks prepared for delivery.

Good morning, everyone. Thank you, Dr. Taylor and CEO/Executive Director Ramirez.

It’s a great privilege to be here to mark the beginning of this incredible new venture, which adds another important element to the FBI’s growing presence in Huntsville. Partnerships have always been essential to the work we do in the FBI, and today is another tremendous reflection of our progress in that regard. As we’ve seen in recent times, the cyber threat is constantly and rapidly evolving. It’s becoming more sophisticated, more pervasive, more dangerous, and certainly more damaging. And it shows no signs of stopping.

So we must constantly adapt, innovate, and evolve to meet that severe and ever-changing threat. And we know that no one agency can protect the United States from foreign cyber operations and combat significant cyber crime on its own.

We have to take a whole-of-society/whole-of-government approach. And that’s why we’re continuing to focus on partnerships at every level.

FBI Cyber Strategy

The FBI’s cyber strategy, while multi-layered, is sharply focused on imposing risk and consequences on cyber adversaries. The bottom line is, we want to make it harder and more costly for hackers and criminals to carry out their illicit activities online. And the best way for us to do that is by leveraging our unique authorities, world-class capabilities, and enduring partnerships.

And using all three of these elements in service to the larger cyber community. We’re taking a team approach to our work with both the public and private sectors—from other government agencies to companies of all sizes to universities and other relevant organizations.

We’ve created unique cyber centers where members of the cyber community can work alongside each other and build long-term relationships. Within government, that center is the National Cyber Investigative Joint Task Force, or the NCIJTF.

Led by the FBI, the NCIJTF includes more than 30 co-located agencies from the intelligence community and law enforcement. We’ve pushed a significant amount of the FBI’s operational and analytical capabilities into the NCIJTF to strengthen its role as a core element of the nation’s cyber strategy.

But we know that government can’t do it alone. This fight requires all of us, government and the private sector, working together against threats to our national security, which equates to economic security.

That’s why we created another center to work with the defense industry, the National Defense Cyber Alliance, based right here in Huntsville, where experts from the FBI and cleared defense contractors share intelligence in real time.

It’s why we’re co-located with partners in industry, academia, and the financial sector as part of the National Cyber-Forensics and Training Alliance in both Pittsburgh and New York City.

And it’s why agents in every single FBI field office spend a huge amount of time going out to companies and universities in their area, establishing relationships before there’s a problem and providing threat intelligence to help prepare and put up defenses.

The partnership we’re commemorating today represents a new kind of cyber center—a center for fostering skill and talent in the STEM disciplines, particularly in the cyber field.

FBI-USSRC Partnership

Engaging and motivating future generations to consider cyber careers with the Bureau is one of our highest priorities. We’re constantly working to position the FBI to meet the cyber threat five, 10, 15, 20 years in the future and beyond.

That includes developing and recruiting the top-notch cyber talent we’ll need to stop the world’s most sophisticated hackers and cyber criminals.

Since 2017, the U.S. Cyber Camp has been teaching students the fundamentals and skills needed as they move toward a future cyber career. They learn the ethics and responsibilities relating to personal data security for safeguarding networks. They’re introduced to different types of cyber careers. They meet professionals working in the cyber field. And they tour Redstone Arsenal and FBI facilities, including our Regional Computer Forensics Laboratory.

The MOU we’re signing today takes things a step further. It formally allows the FBI to provide subject matter expertise for curriculum development at the U.S. Cyber Camp. That includes presenting students with realistic cyber scenarios—some from our own cases—and real-life responses. We’ll also provide presentations and briefings from an array of FBI experts, including cyber agents, analysts, and computer scientists.

Why are we doing this?

The head of our Cyber Division, Matt Gorham, likes to refer to cyber as a tapestry. Each agency is a thread in that tapestry. And while each thread is formidable on its own, when woven together, we make up a strong, interwoven fabric—far stronger than any single thread. And when we further weave in the threads of our international partners, the private sector, nonprofits, and academia, that fabric is unbreakable. This partnership, our partnership, can go a long way to weaving even greater strength into that tapestry.

We want to show young people across America that they can be part of it, and that there is an important role for them. And that they can do incredibly meaningful work that’s essential to the security of our country and to the safety of all Americans.

Conclusion

President Kennedy delivered a famous speech in Houston in 1962 known as the “moonshot” speech. This occurred just as America’s “space race” with the Soviet Union was ramping up. There is an iconic line in the speech: “We choose to go to the moon in this decade and do the other things, not because they are easy, but because they are hard.”

But in the beginning of the speech, there’s a less often cited, but no less powerful, piece of prose that calls to mind the current cyber environment. Kennedy condensed 50,000 years of history into just 50 years, to show how fast and how far we had come. In this condensed timeline, we learned to write and to use a cart with wheels just five years ago. The printing press came only this year. The steam engine was invented two months ago. Just last month, we introduced electric lights, telephones, automobiles, and airplanes. And only last week did we develop penicillin and television and nuclear power. In Kennedy’s words, “This is a breathtaking pace, and such a pace cannot help but create new ills as it dispels old…new ignorance, new problems, new dangers.”

Surely the opening vistas of space promise high costs and hardships, as well as high reward. By compressing 50,000 years of human history into a mere 50 years, President Kennedy painted a vivid picture of rapid technological development and awe-inspiring accomplishment. He also wisely pointed out that sometimes rapid change can have a downside. He could just as easily have been talking to us here today about cyber. So much is happening, so quickly, that it is sometimes a struggle to keep up.

Consider our cyber timeline:

• Computer networks in the 1960s
• Email in 1972
• The World Wide Web in 1991
• Google in 1998
• Twitter in 2006
• The iPhone in 2007
• Bitcoin in 2009
• Netflix streaming in 2010
• Alexa in 2014
• The Apple Watch in 2015
• And in 2020, a global pandemic that’s forced millions to do so much virtually—from teleworking to online classes to telehealth medical appointments and even virtual happy hours.

And those are just the everyday cyber leaps and bounds. We’re not even talking about biotech, big data, cloud servers, the Darknet, AI, or the Internet of Things. The advances are breathtaking, but so are the risks. And so is the impact.

It’s a good time to think about where we are and where we need to be down the road.

We’ve got to recruit the best new talent to keep the new ignorance, new problems, and new dangers at bay. The vistas of cyber space promise high costs and hardships, but they also offer some really high rewards, for all of us.

On behalf of Director Wray, Deputy Director Bowdich, and the entire FBI, I want to thank everyone here at the U.S. Space and Rocket Center and the U.S. Cyber Camp for helping us reach the next generation of cyber talent. We’re grateful for your partnership and look forward to many more years of working together.

Thank you. Stay well, be safe, and God bless.