The FBI needs help from hackers to fight cybercrime, an agency official said on the first day of the Black Hat conference in Las Vegas.
"We need your expertise and input as we develop strategies to battle cybercrime in the 21st century," Daniel Larkin, a unit chief in the FBI's cybercrime division, said in his opening address on Wednesday.
As cybercrime has continued to become more sophisticated and organised, federal agencies have increasingly sought to partner with the private sector. Earlier this year, FBI Director Robert Mueller used the RSA Conference to send out a similar message.
"The people we're going after are not just the script kiddies anymore. These people are making a lot of money," Larkin told the Black Hat audience of hackers and security professionals. "I am a recovering technophobe; I used to be really afraid of you all. But I realise that you all are really important."
Black Hat draws an increasing number of attendees from law enforcement agencies. This year, Larkin estimated, one in 10 attendees might represent federal agencies, he said. "Be nice to them. They are here to help you; they are here to team up," he said.
Although the government is trying to be nimble, others might know about potential threats before federal agents do, he said. "Critical information on terrorism and cybercrimes could be in your hands and might be in your hands before they reach ours," he said.
The FBI's call for help confirms that it is not equipped to deal with cybercrime, said Tom Thomas, a security consultant from California who is attending Black Hat.
"It is not reassuring," Thomas said. "It confirms what we already suspect. There is great technical inadequacy, if not downright ineptness, at the FBI. Therefore they are, perhaps desperately, seeking help from almost anyone."
To make cooperating with law enforcement worthwhile, the FBI is offering to share information in exchange for help. The FBI has been criticised in the past for going completely silent after a report was filed. "We realise that we need to give back information," Larkin said.
As examples of information sharing, Larkin said that the FBI is working on identity theft with Internet service providers and with merchants on shipping fraud. That way, all players get a better picture of the actual threat, and the FBI can cross-reference data and build better case data, he said.
They will not do a dang thing about Identity Theft. I even did most of the leg work they would not lift a finger to investigate it or anything.
I had the IP, I had the address, I had the names used, I even had the contact info for the ISP. They would do nothing.