The FBI is one of a handful of U.S. agencies tasked with investigating computer crimes and one of the many roadblocks that has stood in the way of more successful cases and prosecutions is a lack of resources, mostly in the form of trained agents. It looks like the bureau will be getting the money in 2012 to hire more agents for its cybercrime unit, but the 14 new agents included in next year’s budget still aren’t nearly enough to address the full scope of the problem in the U.S., let alone globally.
In its budget request to Congress, the FBI has asked for $166.5 million–or $18.6 million more than 2011–for its efforts to investigate and fight computer crimes. Much of the increase is earmarked for new personnel, specifically 42 new positions, including 14 special agents. There also is money meant to be used for training and other functions within the cybercrime unit. In his statement to Congress in April regarding the necessity of the new agents and the extra money, FBI Director Robert S. Mueller said that the bureau needs the money and agents to help coordinate its operations with other U.S. and international agencies that also fight cybercrime.
“But the FBI cannot do it alone. The National Cyber Investigative Joint Task Force includes 18 law enforcement and intelligence agencies, working side by side to identify key players and schemes,” Mueller said.
“This task force plays an important role in the administration’s Comprehensive National Cybersecurity Initiative. Its goal is to predict and prevent that which is on the horizon, and then attribute and pursue the enterprises behind these attacks. The task force operates through Threat Focus Cells—smaller groups of agents, officers, and analysts from different agencies, focused on particular threats.
Together with law enforcement, the intelligence community, and our international and private sector partners, we are making progress, but there is significantly more to do.”
Lawmakers seem inclined to give the FBI what it’s seeking in terms of money to hire new agents and upgrade training and technology. In its response to the FBI’s budget request, the House Subcommittee on Commerce, Justice, Science and Related Agencies acknowledged the need for better cybercrime-fighting tools, and said that some of the new resources should be used to bring the NCIJTF up to the level of a round-the-clock operation.
“Within the increase provided, the Committee recommends the request for the Comprehensive National Cybersecurity Initiative [CNCI] to increase coverage of cyber-terrorist threats. This will allow the FBI to hire five additional special agents and professional support staff to transform the National Cyber Investigative Joint Task Force [NCIJTF] from an 8 by 5 operation into a 24 by 7 operation. As one of the six cybersecurity centers identified under the CNCI, the NCIJTF plays an important role in coordinated national cybersecurity operations. Because threat actors operate globally, a significant volume of cyber threat activity occurs outside of normal business hours. The ever increasing need for real-time analysis to support operations and provide program management for multi-agency efforts requires the NCIJTF to boost its after-hours presence,” the subcommittee members said in the response.
But what’s lost in much of this discussion of new personnel and training and technology is that much of what the FBI and Congress seem to be focusing their efforts and concerns on is the nebulous threat of cyber-terrorism, not cyber crime. The vast majority of the problems affecting consumers, businesses and government agencies right now consist of financial fraud, intellectual property theft and attacks aimed at stealing money or assets in one form or another.
In his budget statement, Mueller cites Al Qaeda as a potential online threat and points to recent DDoS attacks and site defacements as evidence of the seriousness of the problem the FBI is facing. As Nick Selby points out, using terrorist groups as bogeymen to scare up more appropriations or resources isn’t even necessary when there’s a massive, real-world problem ongoing every day.
“This is either the single most naive statement about cyber criminals’ tactics, tecniques and procedures, or they’re just blowing, well, smoke,” Selby wrote in an analysis of the situation.
“And I see no mention of skimmers or ACH in anything mentioned about staying up late to catch Al Queda hackers looking to DDOS or deface America.”
The subcommittee did say in its response to Mueller’s budget request that it expects the FBI to use a large chunk of money to give specialized training to regular field agents who may be involved in computer crime cases, especially those involving attacks on the networks of government agencies, defense contractors or utilities.
“The Committee expects the FBI to use, from within funds provided, $5,000,000 for training for FBI cyber agents involved in national security intrusions cases. This will allow the FBI to increase the number of cyber agents qualified to understand current techniques and tactics used by those engaged in illicit cyber activities, and keep abreast of emerging technologies that are used to overcome computer systems’ defenses and to infiltrate networks, such as those of the U.S. Government, utility companies, defense contractors and financial institutions,” the response says.
“The need for such training stems from the April 2011 DOJ OIG’s report entitled `The Federal Bureau of Investigation’s Ability to Address the National Security Cyber Intrusion Threat.’ This report raised concerns that 36 percent of FBI field agents assigned to national security-related cyber investigations lacked the expertise, including in networking and counterintelligence, needed to investigate these types of cases and identify those responsible for intrusions.”
The new agents and training represent movement in the right direction, but the scope of the cybercrime problem is such that even if the FBI devoted a majority of its resources to fighting online crime, it would still have a difficult time.