April 28, 2011

FBI Lacks Skills To Investigate Cyber Intrusions

Roughly one in three FBI agents investigating national security-related computer intrusions lack the required technical skills to perform their jobs, according to a government report released on Wednesday.

Furthermore, agents are often transferred or diverted to other cases, preventing them from investigating cyber attacks involving national security.

Of the 36 agents interviewed during the review, 13 were deficient in at least some of the critical skills needed to do their job, read the report by the inspector general of the U.S. Justice Department.

Five of the agents described themselves as unqualified to conduct investigations of national security-related cybercrime.

Sensitive government networks routinely come under attack from hackers seeking to steal classified content, or trying to cripple vital operations.  Currently, some 19 percent of the FBI's cyber agents focus on national security cases, Reuters reported.

However, some cyber agents complain they do not have adequate experience to investigate such cases, or are too often assigned to other cases or rotated between offices, the inspector general's office said in the report.

"Because national security intrusion cases are highly technical and require a specific set of skills, new cyber agents are often not equipped to assume responsibility of a national security intrusion investigation," the report read.

As a result, field agents sometimes lack the tactical analytical support for these cases, "hampering their ability to connect the dots in an investigation and to determine those responsible for intrusions."

In 2007, the FBI rolled out 12 core courses designed to make agents experts for cyber security investigations.  The agents were expected to complete the courses, along with on-the-job training, within five to seven years. 

The DOJ report did not disclose the number of agents who have completed the coursework.

The inspector general's office tested the 36 cyber agents it interviewed to determine if they had the critical technical skills needed to investigate national security cases, and found that 64 percent did.

The FBI told the inspector general that it was looking into the issue of transfers, and that the cyber division has also updated its career path program to ensure "field offices had qualified agents to investigate national security intrusion matters," the report read.

The inspector general advised the FBI to establish regional hubs with cyber agents who can adequately investigate national security cases, an idea the agency said it was considering.

Jenny Shearer, a spokeswoman for the FBI's cyber division, said the inspector general's report represented a snapshot taken from only "a few field offices."

The resources the agency can allocate to national security computer attacks are limited by congressional appropriations, and the agency consistently spends more money in the area than is in its budget, she said.

"We're working hard on it," Shearer added.

The Inspector General's full report (redacted version) can be viewed at http://www.justice.gov/oig/reports/FBI/a1122r.pdf.