A little over two weeks ago, we — Comcast NBCUniversal’s Strategic Development/Growth unit — announced that we made a control investment in BluVector, an Advanced Threat Detection cybersecurity start-up. And in the period since, we’ve been asked a number of times: Why?
In our press release, we spoke about the enormous market opportunity in cybersecurity; the chance to both augment our own cyber capabilities around new products in particular, and the opportunity to take Comcast’s already substantial cyber capabilities and feed them back through BluVector in order to take them to market; and, perhaps most importantly, the opportunity to work with BluVector’s extraordinary technology and the unbelievably talented people of this amazing high-growth company.
But that’s only part of the story. On a personal level, many of us who worked on this deal — as well as much of the team at BluVector — have experience in national security, from the armed forces to the intelligence community to critical civilian contractor support. And to be clear: BluVector’s work is a mission for us.
In addition to being a terrific growth opportunity for Comcast NBCUniversal, BluVector will enable us to help in the fight against the growing, and merging, hacker threats of cyber crime and cyber terrorism. This is a far more significant threat — a clear and present danger — than most people allow themselves to realize. I wrote about the notion of a growing nexus between cyber crime and cyber terrorism in 2014 ….. far more than in the real world, cyberspace is a place where petty criminality can evolve with extraordinary rapidity into major crime and even terrorism. And, important as it is, government effort is insufficient to combat the threat; the private sector must also step up and do its part in this fight.
John P. Carlin is author of Dawn of the Code War, and was the Assistant Attorney General for the Department of Justice’s National Security Division as well as Chief of Staff and Senior Counsel to former FBI Director Robert Mueller. In a ripping yarn that reads more like a John Le Carré novel, but is all the more terrifying because of its reality, Carlin writes about the nexus of hacking, cybercrime, cyber — and real world — terrorism in both his book, and in Most Dangerous Terrorist, published in Politico:
“We knew that sooner or later terrorists would turn to the internet,” Carlin writes. In 2015, the case of hacker and terrorist Ardit Ferizi demonstrates the world we live in now. Carlin continues, “Ferizi hacked into (a US-based) online retailer’s server in Phoenix, Arizona, stealing credit card information of more than 100,000 customers. He culled through the data to identify people who used either a .gov or .mil email address, ultimately assembling a list of 1,351 military or government personnel, and passed their information to ISIS … What started out as an attempt for criminal extortion ended with a chilling terror threat and a plot to kill.” (emphasis added)
Carlin again: the Ferizi case “….represents the first time we have seen the very real and dangerous national security cyberthreat that results from the combination of terrorism and hacking. This was a wake-up call not only to those of us in law enforcement, but also to those in private industry.” And, this is “….a message I’d echo to businesses and organizations many times in the years to come: You need to report when your networks have been attacked because you never know how your intrusion, however seemingly minor, might impact a larger investigation. What to you might be a small inconvenience could, with broader intelligence, represent a terrorist, a global organized crime syndicate, or a foreign country’s sophisticated attack.”
With BluVector, we are bolstering our ability to play our part in this dangerous, potentially deadly and ever worsening threatscape.