Cisco Blogs


Cisco Blog > Security

A Word Of Thanks

I rarely blog, and when I do it’s almost always about an event, rather than a person. This entry is an exception in no small part to draw attention to a seminal moment, and an illustrious career of someone who is finishing one chapter and about to start another.

On March 9, 2012, the United States Federal Bureau of Investigations (FBI) announced its top cybersecurity leader would retire at month’s end. Shawn Henry, the FBI’s Executive Assistant Director (EAD), has been at the forefront of the FBI’s response to cybersecurity crimes and investigations for the past several years, albeit his career at the FBI spans multiple decades and his responsibilities are broader than just cyber.

EAD Henry helped establish the National Cyber Investigative Joint Task Force (NCIJTF) to mitigate and disrupt cyber attacks threatening national security in the US as well as other countries. He was instrumental in restructuring the Bureau’s cyber strategy and investigative programs, and recognized that his work in the United States alone would not be enough. He and his team reached out to national law enforcement agencies in Amsterdam, Romania and Estonia to make the necessary differences in those regions.

I was fortunate to work with EAD Henry during my time as a commissioner on the CSIS Commission on Cybersecurity for the 44th Presidency, at the National Cybersecurity Forensics Training Alliance (NCFTA), as well as on strategies and discussions to determine how we can make the Internet safer for all users.

As a leader, EAD Henry was quick to credit his team and not ever seek credit for himself. He built a bench at the Bureau that will carry the hard work into tomorrow. His influence spanned the public-private and law enforcement communities in the US and abroad, even if the mission was challenging.

The sacrifices he and his family made during his tenure were non-trivial; we all owe him, his family, and the women and men at the Bureau a debt of gratitude for their hard work. His understanding of the threat landscape, his passion and accomplishments, and his commitment to making the world a safer place has made him a hero to me – and one that will be missed at the FBI. That’s ok, though. He leaves a great team in place to take their next step, and he will be in the private sector still fighting the good fight, just from a different angle. And that’s good, because we need him to.

Tags: , ,

Hard Lessons about Hacking and Proxy Services

I was disheartened to read about the 22 September arrest of alleged LulzSec/Anonymous member Cody Kretsinger (known by the handle ‘recursion’) by the FBI as a suspect in the SQL injection attacks on multiple Sony websites. Note that I was not sad to see the good guys bust a cybercriminal, but I was sad to see a nice guy I had met and talked to briefly at BlackHat Las Vegas 2011 turn out to be a suspect wanted by the FBI.

Cody Kretsinger, second from right, at BlackHat 2011

One of the things we at Cisco try to do is reach out to those studying infosec and wanting to make a career in security. At BlackHat Cisco had a contest where the winner got a Pwnie Express PWN Phone, effectively a modified Nokia N900 with some pentesting software loaded. A group of guys, volunteers with the show from an IT school, were fascinated by the PWN Phone – possibly because in their circle a couple of them had Nokia N900s, a device relatively unknown in North America but somewhat popular in certain hacking circles due to the fact that its OS is Linux-based and thus can be made to run things like metasploit (like the PWN Phone does).

Read More »

Tags: , , , , , ,