Terrorists, crooks and nation states are ramping up cyber-assaults that are eating away at data, cash and security in the United States, the head of the FBI warned.

"The risks are right at our doorsteps and in some cases they are in the house," Federal Bureau of Investigation chief Robert Mueller said in a Thursday speech at an RSA Conference of computer security professionals here.

"Working together we can find the people taking shots at us and stop those attacks."

Mueller was the third high-ranking federal official in as many days to urge private industry cyber-warriors to join forces with the US government to battle spies, terrorists and crooks plaguing the Internet.

"As you well know, a cyber-attack could have the same impact as a well-placed bomb," Mueller said.

"In the past 10 years, Al-Qaeda's online presence has become as potent as its in-world presence."

Al-Qaeda uses for the Internet range from recruiting members and inciting violence to posting ways to make bio-weapons and forming social-networks for aspiring terrorists, according to Mueller.

"The cyber-terrorism threat is real and rapidly expanding," Mueller said.

"Terrorists have shown a clear interest in hacking skills and combining real attacks with cyber attacks."

Threats are also rising from online espionage, with hackers out for source code, money, trade and government secrets, according to the FBI.

"Every major company in the US and Europe has been penetrated -- it's industrial warfare," said Richard Clarke, who was a White House adviser under three prior US presidents.

"All the little cyber devices that the companies here sell have been unable to stop them. China and Russia are stealing petabytes of information."

Clarke, now a partner at Good Harbor Consulting firm, was among the RSA panelists discussing cyber-warfare.

"Nation states have created cyber-warfare units. They are preparing the battlefield," Clarke said.

"We have the governments of China and Russia engaging in daily activities successfully that the US government and private industry are not stopping and they are stealing anything worth stealing."

Even seemingly innocuous information about companies is swiped for "spearphishing" attacks in which hackers dupe influential employees into downloading malicious computer codes into company networks.

"We are bleeding data... byte by byte and in some cases terabyte by terabyte," Mueller said.

"We are playing cat and mouse and, unfortunately, the mouse seems to be one step ahead most of the time."

Mueller urged computer security professionals to join in a united, international alliance with law enforcement agencies to battle enemies in cyberspace.

He credited such teamwork with resulting in the recent arrest of three men in Spain suspected of running a network of nearly 13 million computers secretly infected with malicious software and used for nefarious deeds.

Mueller called on victims of cyber-attacks to break the pattern of remaining silent out of fear that reporting crimes would hurt their positions in the marketplace.

"Maintaining the code of silence will not benefit you or your clients in the long run," Mueller said. "We must continue to do everything we can together to minimize and stop these attacks."

Mueller invited computer security savants to join the FBI, echoing a similar offer extended a day earlier by US Department of Homeland Security Secretary Janet Napolitano.

White House Internet security coordinator Howard Schmidt on Tuesday at RSA released a declassified version of a Comprehensive National Cybersecurity Initiative.

CNCI was crafted as the result of a directive signed by then-president George W. Bush in January 2008.

earlier related report
US building top cyber defense team: Napolitano
San Francisco (AFP) March 3, 2010 - The United States is building an elite cyber defense team to guard the nation's public and private computer systems, Homeland Security Secretary Janet Napolitano said Wednesday.

"We need the best brains we can bring to bear on meeting the challenge," Napolitano told computer security specialists at a premier RSA Conference here.

"We are building one of the best teams anywhere, but our success depends in no small part on our ability to collaborate with the private sector."

She challenged those at the conference to join forces with the department and help teach people the importance of protecting themselves from online crooks and spies.

Napolitano launched a National Cybersecurity Awareness Campaign contest to find innovative ways to convince the public how vital it is to safeguard computers from online attacks.

"All Americans have an important role to play in securing our computer systems and cyber networks," Napolitano said.

Proposals for promoting cybersecurity awareness can be submitted online at dhs.gov/cyberchallenge any time before April 30. The department will back winning ideas, according to Napolitano.

She said the department is ahead of schedule deploying an Einstein computer intrusion detection system on federal networks, which should be in place at 21 government agencies by the end of this year.

"Even as we are working to deploy Einstein we take very seriously the protection of privacy and civil liberties," Napolitano said of the system that analyzes Internet traffic as it flows into or out of federal computer systems.

She added the department has made "significant progress" in hardening cyber defenses of privately-owned portions of the US critical infrastructure.

"We need to do more and we need to do it faster," Napolitano said. "Cyber threats are also threats to our homeland security."

She called on computer security specialists to help the department "leapfrog" forward with technology for speedy automated defenses that can operate across all types of systems.