Former FBI director Mueller: Home hacks called on par with globals |

Former FBI director Mueller: Home hacks called on par with globals

Heidi Murrin | Trib Total Media
Robert Mueller, director of the FBI from 2001 to 2013, speaks at Heinz Hall, Downtown, on Wednesday, Nov. 19, 2014.
Heidi Murrin | Trib Total Media
Robert Mueller, director of the FBI from 2001 to 2013, speaks at Heinz Hall, Downtown, on Wednesday, Nov. 19, 2014.

Corporations lucky enough to have avoided being hacked by cyber criminals should not expect their luck to continue, the former head of the FBI said Wednesday night before a capacity crowd in Heinz Hall, Downtown.

“There are two groups: Those that have been breached now, and those that will be breached later,” Robert Mueller said during a 45-minute speech that touched on topics ranging from his 12 years at the FBI to terrorism and the fallout of 9/11. The speech was part of the Pittsburgh Speakers Series sponsored by Robert Morris University and Trib Total Media.

Though Russian and Chinese hackers and organizations tied to terrorists pose cyber threats to big businesses such as PNC and UPMC — both of which recently experienced security breaches — equally credible threats exist within employee ranks from those “with keys to the ‘crown jewels,’ ” Mueller, 70, warned.

“Oftentimes, more damage can be done from someone inside with access to your networks than by the Russians or the Chinese,” he said.

A new kind of vigilance is needed to combat corporate cybercrime, David Thaw, an assistant professor of law and information sciences at the University of Pittsburgh, told the Tribune-Review earlier Wednesday.

“You’ve got to perform risk assessments, make plans from those assessments and then keep both up to date,” Thaw said.

As businesses increasingly work their way into a global network, they can become targets as well as tools to attack other businesses, government agencies or people, Thaw said.

Some ways to limit those risks, he said, include diligently vetting new hires, providing ongoing training and working to quickly remove former employees’ access to networks.

Mueller praised assistance from Carnegie Mellon University for helping the FBI complete a long overdue and over-budget electronic case- management system.

“I believe this is a hotbed of computer capability,” Mueller said.

Thaw said Pittsburgh is becoming a “known name” in cybersecurity. He cited the efforts of U.S. Attorney David Hickton, whose office this summer indicted Russian and Chinese hackers; having the National Cyber-Forensic and Training Alliances based on the South Side; and having two major research universities in Pitt and Carnegie Mellon focused on computer science and information technology.

“The confluence of all of those things has made Pittsburgh a rich area to do all of this,” Thaw said.

Mueller took over the FBI a week before the Sept. 11, 2001, terrorist attacks and retired in September 2013 — making him the longest-serving FBI director since J. Edgar Hoover.

In March, Mueller joined the law firm WilmerHale as a partner. The NFL this fall hired him to conduct an independent investigation into how the league handled the suspension of former Baltimore Ravens running back Ray Rice, who appealed his indefinite suspension for domestic violence.

Mueller took questions after his speech, but the audience at Heinz Hall was told he would not discuss the ongoing investigation.

During his time with the FBI, Mueller changed the culture of the agency and its mission — from investigating crimes and solving cases to gathering post-9/11 intelligence, said Ronald Kessler, an award-winning investigative journalist and author of 20 books, including “The Secrets of the FBI” in 2011.

“He really has been one of the few people responsible for the fact that we have not had a successful foreign terrorist attack since 9/11,” Kessler told the Tribune-Review. “He kept us safe.”

At every briefing during his tenure, Mueller said he faced the same question: “What is the FBI doing to prevent the next terrorist attack?”

“Over two presidencies, that question remained the same,” he said.

Mueller said he knew the FBI would be judged not just on its success in preventing terrorist attacks but on how well it abided by the Constitution while doing its job.

“We did our best not only to thwart attacks, but we did so by keeping civil liberties in mind,” he said.

Jason Cato is a staff writer for Trib Total Media. He can be reached at 412-320-7936 or [email protected].

TribLIVE commenting policy

You are solely responsible for your comments and by using you agree to our Terms of Service.

We moderate comments. Our goal is to provide substantive commentary for a general readership. By screening submissions, we provide a space where readers can share intelligent and informed commentary that enhances the quality of our news and information.

While most comments will be posted if they are on-topic and not abusive, moderating decisions are subjective. We will make them as carefully and consistently as we can. Because of the volume of reader comments, we cannot review individual moderation decisions with readers.

We value thoughtful comments representing a range of views that make their point quickly and politely. We make an effort to protect discussions from repeated comments either by the same reader or different readers

We follow the same standards for taste as the daily newspaper. A few things we won't tolerate: personal attacks, obscenity, vulgarity, profanity (including expletives and letters followed by dashes), commercial promotion, impersonations, incoherence, proselytizing and SHOUTING. Don't include URLs to Web sites.

We do not edit comments. They are either approved or deleted. We reserve the right to edit a comment that is quoted or excerpted in an article. In this case, we may fix spelling and punctuation.

We welcome strong opinions and criticism of our work, but we don't want comments to become bogged down with discussions of our policies and we will moderate accordingly.

We appreciate it when readers and people quoted in articles or blog posts point out errors of fact or emphasis and will investigate all assertions. But these suggestions should be sent via e-mail. To avoid distracting other readers, we won't publish comments that suggest a correction. Instead, corrections will be made in a blog post or in an article.