Risk
12/20/2011
01:23 PM
50%
50%

FBI To Get More Cyber Crime Agents

But is the bureau focusing too heavily on cyberterrorism, as opposed to fighting cybercrime?

The FBI is set to receive more cyber special agents.

According to the draft of the Departments of Commerce and Justice, and Science, and Related Agencies Appropriations Bill for 2012, released earlier this month, the bureau will see increased funding for a number of types of investigations, including computer intrusions and cyber investigations.

That's important, because when it comes to computer intrusions--including foreign intelligence operations that pose a national security threat--"the FBI is in a unique position to counter cyber threats, as it is the only agency with the statutory authority, expertise, and ability to combine counterterrorism, counterintelligence, and criminal resources to neutralize, mitigate, and disrupt illegal computer-supported operations domestically," according to the House committee's appropriations bill.

Accordingly, the committee has recommended that the FBI be granted its full cyber-investigation budget request of $166.5 million, which is an increase of 13% from 2011. That will help the bureau fund 42 new positions, including 14 new special agents with cyber expertise, to "further the FBI's investigatory, intelligence gathering, and technological capabilities."

For comparison's sake, the bureau's budget for investigating national security threats will be $316 million, while the Criminal Justice Information Services Division will receive $645 million. Staffing-wise, the bureau had also requested 367 new positions for fighting white-collar crime, and 20 new positions for handling child exploitation cases.

[ The Obama administration has released a plan to bolster U.S. network security. See White House Sets Cybersecurity R&D Priorities. ]

Out of a workforce that numbers about 30,000 people, the FBI now has cyber squads in each of its 56 field offices across the country, as well as 1,000 specially trained cyber agents, analysts, and digital forensic examiners. "Together, they run complex undercover operations and examine digital evidence. They share information with our law enforcement and intelligence partners. And they teach their counterparts--both at home and abroad--how best to investigate cyber threats," said FBI director Robert S. Mueller in April, when he presented the bureau's budget requests to the House committee.

The FBI has also requested additional funding relating to the Comprehensive National Cybersecurity Initiative (CNCI), and in particular for the National Cyber Investigative Joint Task Force (NCIJTF) that it coordinates. FBI officials want the task force to no longer operate just during business hours.

Of the money being budgeted for the FBI's cyber capabilities, $5 million is to be set aside "for training for FBI cyber agents involved in national security intrusions cases," according to the committee. "This will allow the FBI to increase the number of cyber agents qualified to understand current techniques and tactics used by those engaged in illicit cyber activities, and keep abreast of emerging technologies that are used to overcome computer systems' defenses and to infiltrate networks, such as those of the U.S. government, utility companies, defense contractors, and financial institutions."

The committee said that the need for such funds had been highlighted by an April 2011 report from the Department of Justice office of the inspector general, which found that "36% of FBI field agents assigned to national security-related cyber investigations lacked the expertise, including in networking and counterintelligence, needed to investigate these types of cases and identify those responsible for intrusions." While the bureau will no doubt be thankful for the increased funding, after the audit, FBI officials sharply contested the auditors' findings, saying it presented an outdated picture of the bureau's rapidly improving cyber-investigation capabilities.

Finally, although no money was allocated for the task, the committee said that it also "encourages the FBI to expand its integration of FBI cyber agents into eastern European police services." That's astute, since many cybercrime operations launched against residents of the United States can be traced to Eastern Europe.

But is the FBI's new cybercrime budget sufficient? Law enforcement and risk management consultant Nick Selby, writing on his Police-Led Intelligence blog, said that the funding levels remain "ludicrously low," especially given the frequency with which such crimes are committed. Furthermore, he said, the FBI is the only agency "empowered to battle many types of cyber crime--for example, any cyber criminal act launched from outside the U.S. which attacks U.S. companies or government." In other words, he thinks the bureau needs more money to fight cybercrime.

How 10 federal agencies are tapping the power of cloud computing--without compromising security. Also in the new, all-digital InformationWeek Government supplement: To judge the success of the OMB's IT reform efforts, we need concrete numbers on cost savings and returns. Download our Cloud In Action issue of InformationWeek Government now. (Free registration require

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
Bprince
50%
50%
Bprince,
User Rank: Ninja
12/31/2011 | 3:09:41 PM
re: FBI To Get More Cyber Crime Agents
For Internet policing to work, it not only takes more resources domestically but also global buy-in and cooperation. There have been a couple arrests this past year that are great examples of that.
Brian Prince, InformationWeek/Dark Reading Comment Moderator
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7444
Published: 2015-09-01
The Special:Contributions page in MediaWiki before 1.22.0 allows remote attackers to determine if an IP is autoblocked via the "Change block" text.

CVE-2015-2807
Published: 2015-09-01
Cross-site scripting (XSS) vulnerability in js/window.php in the Navis DocumentCloud plugin before 0.1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the wpbase parameter.

CVE-2015-6520
Published: 2015-09-01
IPPUSBXD before 1.22 listens on all interfaces, which allows remote attackers to obtain access to USB connected printers via a direct request.

CVE-2015-6727
Published: 2015-09-01
The Special:DeletedContributions page in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to determine if an IP is autoblocked via the "Change block" text.

CVE-2015-6728
Published: 2015-09-01
The ApiBase::getWatchlistUser function in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 does not perform token comparison in constant time, which allows remote attackers to guess the watchlist token and bypass CSRF protection via a timing attack.

Dark Reading Radio
Archived Dark Reading Radio
Another Black Hat is in the books and Dark Reading was there. Join the editors as they share their top stories, biggest lessons, and best conversations from the premier security conference.