According to the draft of the Departments of Commerce and Justice, and Science, and Related Agencies Appropriations Bill for 2012, released earlier this month, the bureau will see increased funding for a number of types of investigations, including computer intrusions and cyber investigations.
That's important, because when it comes to computer intrusions--including foreign intelligence operations that pose a national security threat--"the FBI is in a unique position to counter cyber threats, as it is the only agency with the statutory authority, expertise, and ability to combine counterterrorism, counterintelligence, and criminal resources to neutralize, mitigate, and disrupt illegal computer-supported operations domestically," according to the House committee's appropriations bill.
Accordingly, the committee has recommended that the FBI be granted its full cyber-investigation budget request of $166.5 million, which is an increase of 13% from 2011. That will help the bureau fund 42 new positions, including 14 new special agents with cyber expertise, to "further the FBI's investigatory, intelligence gathering, and technological capabilities."
For comparison's sake, the bureau's budget for investigating national security threats will be $316 million, while the Criminal Justice Information Services Division will receive $645 million. Staffing-wise, the bureau had also requested 367 new positions for fighting white-collar crime, and 20 new positions for handling child exploitation cases.
[ The Obama administration has released a plan to bolster U.S. network security. See White House Sets Cybersecurity R&D Priorities. ]
Out of a workforce that numbers about 30,000 people, the FBI now has cyber squads in each of its 56 field offices across the country, as well as 1,000 specially trained cyber agents, analysts, and digital forensic examiners. "Together, they run complex undercover operations and examine digital evidence. They share information with our law enforcement and intelligence partners. And they teach their counterparts--both at home and abroad--how best to investigate cyber threats," said FBI director Robert S. Mueller in April, when he presented the bureau's budget requests to the House committee.
The FBI has also requested additional funding relating to the Comprehensive National Cybersecurity Initiative (CNCI), and in particular for the National Cyber Investigative Joint Task Force (NCIJTF) that it coordinates. FBI officials want the task force to no longer operate just during business hours.
Of the money being budgeted for the FBI's cyber capabilities, $5 million is to be set aside "for training for FBI cyber agents involved in national security intrusions cases," according to the committee. "This will allow the FBI to increase the number of cyber agents qualified to understand current techniques and tactics used by those engaged in illicit cyber activities, and keep abreast of emerging technologies that are used to overcome computer systems' defenses and to infiltrate networks, such as those of the U.S. government, utility companies, defense contractors, and financial institutions."
The committee said that the need for such funds had been highlighted by an April 2011 report from the Department of Justice office of the inspector general, which found that "36% of FBI field agents assigned to national security-related cyber investigations lacked the expertise, including in networking and counterintelligence, needed to investigate these types of cases and identify those responsible for intrusions." While the bureau will no doubt be thankful for the increased funding, after the audit, FBI officials sharply contested the auditors' findings, saying it presented an outdated picture of the bureau's rapidly improving cyber-investigation capabilities.
Finally, although no money was allocated for the task, the committee said that it also "encourages the FBI to expand its integration of FBI cyber agents into eastern European police services." That's astute, since many cybercrime operations launched against residents of the United States can be traced to Eastern Europe.
But is the FBI's new cybercrime budget sufficient? Law enforcement and risk management consultant Nick Selby, writing on his Police-Led Intelligence blog, said that the funding levels remain "ludicrously low," especially given the frequency with which such crimes are committed. Furthermore, he said, the FBI is the only agency "empowered to battle many types of cyber crime--for example, any cyber criminal act launched from outside the U.S. which attacks U.S. companies or government." In other words, he thinks the bureau needs more money to fight cybercrime.
How 10 federal agencies are tapping the power of cloud computing--without compromising security. Also in the new, all-digital InformationWeek Government supplement: To judge the success of the OMB's IT reform efforts, we need concrete numbers on cost savings and returns. Download our Cloud In Action issue of InformationWeek Government now. (Free registration require