Is Cyber Crime Really the FBI's No. 3 Priority?
The Federal Bureau of Investigation says that its No. 3 priority is protecting the United States "against cyber-based attacks and high-technology crimes." Given the increasing pervasiveness and costs associated with such crime, FBI Director Robert Mueller should be commended for giving anti-cyber crime investigations such high status, second only to terrorism and espionage/counter intelligence investigations.
But according to an analysis by Security Fix, cyber crime remains a distant third priority for the federal law enforcement agency, at least in terms of resources applied to the problem.
That assessment is based on information from the Justice Department itself, based on a reading of a 203-page document justifying its fiscal year 2008 budget request to Congress.
The cyber portion of the 2008 request includes a request for $258.5 million in funding for some 659 field agents, a 1.5 percent increase over 2007 levels. That's 659 out of a total of 11,868 FBI agents nationwide, which would mean the FBI is on track to dedicate roughly 5.5 percent of its agents to cyber crime investigations. But as we'll see later, the true number may actually be lower.
To be clear, the FBI's cyber program encompasses everything from battling traditional cyber crime -- the kind of illegal activity you might associate with someone hacking into your PC or stealing your identity -- to illicit online activities that could potentially support terrorist activity.
Here's how the Bureau describes its cyber efforts (the text is from the DOJ '08 budget justification): "The FBI's Cyber Program consolidates Headquarters and field resources dedicated to combating cyber-crime under a single entity. This allows the Cyber Program to coordinate, supervise, and facilitate the FBI's investigation of those federal violations in which the Internet, computer systems, or networks are exploited as the principal instruments or targets of terrorist organizations, foreign government-sponsored intelligence operations, or criminal activity. Included under the purview of the Cyber Program are counterterrorism, counterintelligence and criminal computer intrusion investigations; intellectual property rights-related investigations involving theft of trade secrets and signals; copyright infringement investigations involving computer software; credit/debit card fraud where there is substantial Internet and online involvement; online fraud and related identity theft Investigations; and the Innocent Images National Initiative."
While the "Innocent Images National Initiative" is listed last in the excerpt above, it's by no means least among the FBI's cyber priorities. The initiative -- designed to catch sickos who enjoy looking at and facilitating child pornography -- claims the attention of roughly a third of the agency's cyber agents, according to the document.
I'm certainly not trying to take anything away from that important program, or suggest that fewer agents be dedicated to it. The drive to lock up child predators is one of few law enforcement imperatives that transcends national boundaries or politics. Experts say it is rare to find a form of crime which elicits such visceral and rapid reaction and cooperation from law enforcement officials around the world.
The main reason I single it out is that it clouds the agency's record on addressing the kinds of crimes that most people probably think about when they hear the words "cyber crime." According to the FBI, the Innocent Images program accounted for a major share of the FBI cyber crime convictions and "pre-trial diversions" in fiscal year 2006. For example, Innocent Images netted 1,018 convictions and plea agreements in 2006, whereas the Justice Department won 118 convictions or pleas for computer intrusion cases last year.
If we look at the number of agents the FBI has tasked to investigating illegal online activities of the sort that involve computer intrusions or the trade and/or sale of stolen business and consumer data (crimes increasingly committed by organized crime syndicates based overseas), then it appears that the FBI has requested a total of 427 agents to fight the cyber crime problem next year. So, assuming Congress grants its budget request, the FBI is on track to have about 3.6 percent of all of its active agents dedicated to its stated No. 3 priority.
Of course, the FBI is not the only agency fighting cyber crime. The U.S. Secret Service and the U.S. Postal Inspection Service both play critical roles. Also, none of this analysis should take anything away from the work being done by several industry-government partnerships, such as the National Cyber-Forensics & Training Alliance (NCFTA) in Pittsburgh and the Internet Crime Complaint Center (IC3) in West Virginia. Nor should it diminish the work the FBI does in tandem with various task forces that rely heavily upon state and local law enforcement officers to investigate identity theft cases that often have roots in cyber crime.
But this data does seem to raise the following question: If the FBI's third most-important priority claims just over 3.5 percent of its active agents, how many agents and FBI resources are dedicated to the remaining Top Ten priorities? The FBI says those priorities are, in the following order:
4. Combat public corruption at all levels.
5. Protect civil rights.
6. Combat transnational and national criminal organizations and enterprises.
7. Combat major white-collar crime.
8. Combat significant violent crime.
9. Support federal, state, county, municipal, and international partners.
10. Upgrade technology to successfully perform the FBI's mission.
Again, a major reason I want to call attention to these figures it to spark a debate over whether the FBI is dedicating enough resources to fighting cyber crime.
For his part, Paul Kurtz, a former White House cyber security adviser for the Bush administration, said absolutely not.
"I think that we need to dramatically increase the number of agents and analysts supporting the government's overall cyber investigative efforts," Kurtz said. "The FBI -- for what resources it has -- is not doing a bad job. But when we have as many problems going on as we have today, with China and Russia and organized crime and white-collar criminals getting involved in computer crimes, we don't have nearly enough agent workforce to take on this problem. And until we see a major increase, we're going to remain behind on fighting this problem."
But Jim Lewis, a senior fellow at the Center for Strategic & International Studies and director of its Technology and Public Policy Program, said you can throw all the FBI agents in the world at the cyber program without much improvement in the current situation if the U.S. cannot build stronger ties with foreign law enforcement agencies.
"When there are political or legal situations in other countries that keep you from using your resources efficiently, then adding more resources doesn't help you very much," Lewis said. "The FBI shouldn't be trying to do everything, but should focus mainly on the largest cyber criminal operations. The problem is that the level of cooperation we get from many countries is kind of dubious, and criminals will gravitate to places where they have the best chance of not getting caught."
What do you think, dear readers? Weigh in with your thoughts in the comments section below.
Tomorrow, Security Fix will examine some indicators of just how much cyber crime is costing American consumers and corporations each year.
By Brian Krebs |
September 24, 2007; 3:14 PM ET
Fraud
, From the Bunker
, U.S. Government
Previous: Your Money or Your E-mail |
Next: Service Pack 3 Available for Office 2003 Users
Posted by: Greg | September 24, 2007 3:46 PM
Greg, one was is to become a[n in]famous hacker, then get hired by the FBI to tell them how to prevent others from doing what do did. But you'd better have a REALLY GOOD attorney who can plea-bargain like hell!
Posted by: Gary | September 24, 2007 4:19 PM
The FBI needs to create a volunteer liaison office, with substantial funding for subsidizing and rewarding the volunteers. There are plenty of people who would be glad to help, to feel that they are part of the effort.
Posted by: Joel 30707 | September 24, 2007 9:38 PM
Any cyber crime that is at its roots both [1]economic and [2]organized and therefore aims primarily at depriving one of property value or rights, is at its core RICO [Racketeer Organized & Corrupt Organizations Act] and while RICO was originally designed to target 'da mob,' a private right of action for a civil treble damage case is part of the statute.
CLEARLY any organized effort to deprive one of property rights, i.e., all those bogus Bank of America e-mails that are aimed at getting direct or indirect access to one's personal financial records, etc., appear to qualify.
Perhaps more significantly, a massive and undetected compromise, could potentially result in more economic damage to US Citizens, permanent residents and even illegals who are not engaged in OVERT criminal activities, that a clear NATIONAL SECURITY scenario is presented thereby.
Under these circumstances, though it may otherwise be 'unusual, the National Security Agency SHOULD be assisting the FBI in these situations.
This should happen before the crisis becomes worse, as it surely will.
Legislatures perhaps should be focusing on mandatory anti-virus and anti-spyware programs on all computers, rather than trigger locks and registration on all firearms.
Posted by: brucerealtor | September 25, 2007 4:27 AM
There are few organizations in Washington which are worse-suited for their missions than the FBI. The FBI should be doing the same sorts of things that they did when Hoover ran the place. Their work in counter-intelligence, anti-terrorism and "cyber-crime" exposes the numerous weaknesses of the sorts of agents the FBI likes to hire and weakens the focus of the organization to a fatal degree.
Posted by: Robert | September 25, 2007 6:03 AM
Where's Interpol in all this? Are they an effective international force in fighting world cyber-crime? Can their organization and its history be a model for this most important effort?
Posted by: Pete from Arlington | September 25, 2007 9:48 AM
I still find it amazing that the average U.S. citizen willingly undermines their own federal law enforcement at every opportunity; especially at this time of globalization and global terror. Robert, I disagree with your comment about the "worst suited for their mission in Washington DC..", with several nations represented there and they typically spy on U.S. government agencies, especially the FBI.
The FBI is copied by other countries, and routinely disrespected in the U.S. Maybe I am missing something with this constant effort to undermine the U.S. in any way possible. Wake up America.
Posted by: cassandra | September 27, 2007 3:12 PM
The US government spends an enormous amount on social security payments. However, it's wrong to say that social security payments are the US government's #1 priority -- I don't imagine the president gets up every morning with socia security payments on his mind.
I would imagine most FBI agents are temperamentally and technically unsuited for cybercrime work -- a better measure on how seriously the FBI takes its cybercrime role would be how much energy it's expending to try to create a force that can actually deal with cybercrime.
Posted by: Ray | September 28, 2007 1:56 AM
The FBI is copied by other countries? I don't understand what makes you say that. Other countries having law enforcement does not mean that they are copying the FBI.
Posted by: hellothere | September 28, 2007 1:58 AM
At least some of the remaining seven funding objectives seem of great importance even compared to the cyber-crime initiatives. I only hope we don't lose sight of those objectives in the cause of the biggest three.
Posted by: Anderson Vitous | September 28, 2007 2:40 AM
Given that criminal hacking attacks - (as opposed to "hackers" and "computer enthusiasts" breaking into weakly protected systems - like Gary McKinnon did with NASA - because they didn't resest the default passwords) - is a highly organised trans-national criminal enterprise with links to organised crime in several countries the only hope is for the FBI to work with other organisations such as Interpol in tracking down the real criminals.
But as Interpol doesn't have any leverage in the countries where most criminally motivated cyber-attacks origin, and as those countries are in themselves funding and/or turning a blind eye to those cyber-attacks - I won't hold my breath ..
Conclusion: Things can only get worse ...
Posted by: drk | September 28, 2007 5:08 AM
I recently listened to an FBI agent discuss Cyber Security in Saint Clairsville Ohio. Your article echos every thing this agent told us concerning cyber crime and the FBI. My conclusion is that we are still living in the wild wild internet west without any law enforcement to curtail the nefarious activities of cyber criminals. In the short term things will continue to get much worse. It may take one major hurtful internet security event to change the priorities of this government. Personally, I would love to see government sponsoring/promoting cyber security and forensic classes in all two and four year univeristies in the US. I hope someone in upper administration is paying attention to what is occuring in the cyber universe. Donald Winland
Posted by: Maxmillius | September 28, 2007 6:32 AM
"The FBI needs to create a volunteer liaison office, with substantial funding for subsidizing and rewarding the volunteers. There are plenty of people who would be glad to help, to feel that they are part of the effort."
Well they do have Infragard that seems to be pretty active at least in the NYC metro area:
Infragard Mission Statement:
It is our goal to improve and extend information sharing between private industry and the government, particularly the FBI, when it comes to critical national infrastructures.
Posted by: Kevin McGrath | September 28, 2007 12:17 PM
The FBI's mission is to investigate and prosecute interstate crime inside the country. Since 9/11, they have had terrorism added. To the extent that organized crime and terrorists are involved in cybercrime, the FBI resources working on the issue can perform a supporting role that can be helpful. That said, the Innocent Images project seems to fit well within their main mission.
Can they do better? Who can't? But is this a serious failing of the FBI? It depends. Are other agencies devoting enough resources to the issue to let the FBI continue as is?
The DoD has the biggest budget and has taken on a significant portion of the intelligence gathering for terrorism. The CIA's mission is to detect, warn, and act against foreign threats, so what percentage of cybercrime is foreign vs. homegrown? And the NSA has a lot more expertise in technology, while not so much in pavement pounding detective work.
One would hope that once the DHS is past its growing pains, it would sort things out and provide a comprehensive report. But in the meantime, all of us should step up as good citizens, especially if we are in a position to make a significant contribution to the cause.
Later . . . Jim
RenaissanceCore IDS, check it out at:
http://sourceforge.net/projects/renaissancecore
Posted by: JJS | September 28, 2007 2:45 PM
world of whimsy or the days of a stale ploy and the big drop of proprieties. so this is a test? to see if america could relinquish its status economically(us dollar vs. the canadian dollar) egalitarianism (torture and war improprieties) and dupe the world into its money engine (citibank and northern rock, bail out from europe. test grade is incomplete and under review for suspension if you are real. if not it is not a test.
Posted by: Locke Mason | October 10, 2007 11:14 PM
For anyone interested, there's a pretty good overview of computer crime from Google Answers:
http://answers.google.com/answers/threadview?id=555871
though it's mostly about corporate crime. Still, it's pretty intriguing reading.
Posted by: david | January 15, 2008 2:46 PM
The comments to this entry are closed.
How do i get a job like this. investigating cyber crimes?