FBI secrets to strengthen your security strategy
In a world where cyber threats evolve daily, the recent FlexTalk webinar, Inside the mind of a cybercriminal: FBI secrets to protect your business, offered a front-row seat into the rapidly changing tactics of today’s digital adversaries. Featuring former FBI Special Agent Jeff Lanza and Flexential VP of Cybersecurity Services, Will Bass, the session unpacked modern cybercriminals’ psychological and strategic playbook—and what organizations can do to stay ahead.

From mafia heists to global cybercrime
Jeff Lanza opened with a personal story that shaped his FBI career—reading about the infamous $5 million JFK airport heist by the Bonanno crime family. While dramatic, he emphasized that today’s cybercriminals far surpass traditional organized crime in scale and reach. Unlike the mafia, which was localized and subject to prosecution, cybercriminals operate across borders, often from countries without extradition treaties.
The evolution of cyberattack tactics
Cybercrime has evolved from simple phishing to advanced forms of extortion:
- Credential theft and social engineering: Early attackers tricked users into handing over login credentials and transferred funds directly from business bank accounts.
- Business Email Compromise (BEC): Criminals hijack email threads to impersonate executives and manipulate employees into wiring money.
- Ransomware and double/triple extortion: Attackers lock files and steal sensitive data, threatening to leak it unless ransoms are paid. Some even access cyber insurance policies to determine ransom amounts.
- Ransomware-as-a-Service: With off-the-shelf ransomware kits now available, even novice hackers can launch attacks—democratizing cybercrime and amplifying the threat.
“We may have more people choosing cybercrime over drug trafficking because the profits are high, and the risk of being caught is low.”
— Former FBI Special Agent Jeff Lanza
The role of AI: Friend and foe
Artificial Intelligence is rapidly transforming the cyber battlefield—on both sides.
Offensive capabilities
Cybercriminals leverage AI to:
- Write customized malware.
- Craft hyper-personalized phishing emails.
- Mimic writing styles using publicly available data, such as CEO letters in annual reports.
- Create deepfakes to impersonate executives and trick employees into wire transfers.
One chilling story recounted how a new employee received a seemingly personal message from their “CEO,” requesting gift cards as employee rewards—classic deepfake social engineering.
Defensive capabilities
On the flip side, AI empowers defenders to:
- Automate vulnerability assessments.
- Streamline patch management.
- Prioritize risks based on infrastructure gaps, like unprotected VPNs.
- Identify phishing patterns with greater accuracy.
Organizations must embrace AI to keep pace—and eventually outmaneuver—AI-fueled threats.
Common sense, verification, and training
No matter how advanced the tools, humans remain the frontline—and sometimes the weakest link.
- Social engineering: Attackers rely on urgency and fear to trick people into irrational actions.
- Deepfake safeguards: Businesses (and families) should establish code words and verification steps for financial transactions.
- Insider threats: From North Korean deepfake job applicants to employees coerced into aiding hackers, the internal risk is real.
- Employee training: Repetition and scenario-based learning are key. It’s not about knowing the rules once—it’s about knowing how to act under pressure.
“Common sense is often the first casualty in cybercrime.”
— Former FBI Special Agent Jeff Lanza
Reporting and regulatory readiness
When a breach occurs, response time matters—and so does legal compliance. Lanza and Bass outlined the current patchwork of reporting requirements:
- Federal requirements: Limited to specific sectors (e.g., SEC disclosures for publicly traded companies, HIPAA for healthcare).
- State requirements: Vary widely; many mandate breach notifications to affected customers.
- OFAC compliance: Paying ransoms to sanctioned entities (e.g., from North Korea) could violate federal law.
Establishing a relationship with the FBI in advance is highly recommended. Agencies like InfraGard allow vetted organizations to collaborate with law enforcement and gain threat intelligence proactively.
Building organizational resilience
The most important takeaway? Preparation trumps panic. Key elements of cyber resilience include:
- Immutable, air-gapped backups: These ensure data can be recovered without paying a ransom.
- Incident response and disaster recovery plans: Must be tested, updated, and—critically—accessible offline.
- Layered security: From endpoint to perimeter to physical controls, redundancy is strength.
- Third-party risk management: Vendors and software partners are frequent entry points for attackers.
Cybersecurity isn’t a one-time investment—it’s an ongoing operational imperative.
From chaos to continuity
The cybercrime playbook continues to evolve. However, businesses can tip the balance with the right mix of people, processes, and technology. As Lanza urged: “It all comes down to resiliency. Not if—but when—a cyberattack happens, how quickly can you respond, recover, and keep moving?”
This webinar wasn't just a wake-up call but a blueprint for action.