WASHINGTON, D.C.—The U.S. Department of Justice has issued a report critical of the Federal Bureau of Investigation’s ability to address threats to national security posed by cyber intrusions. The two main objectives of the audit were to evaluate FBI efforts in developing and operating the National Cyber Investigative Joint Task Force (NCIJTC) to address the national security cyber threat, and to assess the capability of FBI field offices to investigate national security cyber cases.
“These objectives focused mainly on the FBI’s highest cyber priority, counterterrorism and counterintelligence intrusions,” the highly-redacted report said.
In light of those priorities, it is no wonder the report is critical of the Bureau’s capabilities over the past few years. According to statistics compiled during field work conducted for the report—at the FBI’s Washington, D.C. offices as well as at 10 of the Bureau’s 56 field offices—in 2009, the FBI “used 19 percent of its cyber agents on national security intrusion investigations, 31 percent to address criminal-based intrusions, and 41 percent to investigate online child pornography matters.”
The authors of the report also tested 36 FBI cyber agents to assess their qualifications to investigate national security cyber intrusions, and found that 23 (64 percent) had the necessary skills. However, 36 percent of the 36 agents had never heard of NCIJTC, which is the centerpiece of the FBI’s national security cyber intrusion operations. Five of the agents interviewed actually admitted that they lacked the technical skills necessary to investigate cyber intrusions.
The report also found that information sharing among the 18 federal agencies that have a role in NCIJTC was insufficient to provide the level of interagency coordination necessary to protect the country’s cyber infrastructure.
According to IT World, the lax coordination and investigative focus is a big problem in a world in which “years-long cyberattacks launched by the Chinese military had netted 'terabytes' of sensitive data ranging from names and passwords that would give access to State Department computers, to the design of major weapons systems.”
Those and other cyber attacks by the Russians and other foreign powers “represent a new state of cyberwar the U.S. is not yet prepared to fight,” said IT World, which quotes Stewart Baker, a former senior cyber-security official at the U.S. Department of Homeland Security and National Security Agency, as warning that the attacks have been so successful “we have given up on the idea we can keep our networks pristine.”
The focus has shifted from maintaining defensible networks to more sophisticated efforts to detect and counter intrusions as they're made, reported the site, which concluded, “Unfortunately, those are exactly the kinds of skills the FBI cyber squads lack and the kind of crime they don't have the time or resources to investigate.”
For IT World, the decision to put valuable human resources into the fight against online child pornography rather than cyber intrusions is something worth reevaluating, despite the fact that child pornography and non-national security related cyber crimes need to be investigated.
“When you're losing terabytes of sensitive data to foreign governments who can walk freely through your most secure computer systems, however, maybe it's time to reconsider your priorities,” the websites opined. “Maybe shift a few agents away from the wankers and point them toward the enemy?”
The DOJ report on the FBI's abiliity to address the national security cyber intrusion threat can be read here.