backtop


Print 52 comment(s) - last by YashBudini.. on May 2 at 9:56 PM


The FBI and fellow agencies not only have proved helpless against Russian and Chinese cyberattacks in recent months, but they've also mistakenly raided the homes of innocent citizens and brutalized them in due to sloppy detective work in cybercriminal investigations.  (Source: No Lies Radio)

A recent government report found one in three FBI cyber-security agents is incompetent. It also found that the agency's leadership was guilty of mismanaging the cybersecurity program.  (Source: FBI)
Apparently lack of staffing isn't the only problem afflicting America's weak cyberdefenses

America's cyberdefenses are disturbingly weak according to numerous reports both from the government and the private sector.  Three out of four advisors to former President George W. Bush predicted that a major attack on a U.S. utility would occur within two years, depriving Americans of vital service.  Individuals in China and Russia are suspected of breaking into government systems on a regular basis and stealing information.

But the America's cybersecurity isn't so abysmal merely from underfunding.  According to a recent U.S. Department of Justice report [PDF], it is also suffering from internal incompetence and mismanagement.

The DOJ's inspector general's office performed an audit of cybersecurity staff at the U.S. Federal Bureau of Investigations.  The audit examined 10 of the FBI's 56 field offices, which are designed to respond to cyberthreats.

Of the 36 agents examined, 23 proved basically competent, but 13 "lacked the networking and counterintelligence expertise to investigate national security intrusion cases."

The report complains that some of that incompetence isn't even the agents’ fault -- it’s the fault of the FBI leadership.  Currently the FBI rotates its field agents every three years between offices.  As a result, many agents find themselves with essentially zero expertise at their new, dramatically different cybersecurity position.

The report also complains that the FBI is doing a poor job sharing information with other intelligence agencies.  And it says that many of the field offices examined were "inadequate" in both an analytical and a forensic cybersecurity capacity.

Interestingly, the FBI convinced the DOJ to redact the number of agents that had completed its Cyber Development Plan course program.  The CDP consists of 12 core security sessions, similar to college courses.  The sessions are designed to strengthen agents' background in cybersecurity.  The program was first introduced in 2007.

Since 2009 the FBI has been trying to hire 3,000 new agents, with a heavy emphasis on individuals with IT experience.  The FBI was embarrassed in 2009 by its chief's admission that he almost responded to a phishing scam.

The FBI has had some high profile successes of late -- such as taking down the CoreFlood botnet-- but it also has struggled in dealing with more organized foreign cyberaggression.  The FBI and fellow agencies have also struggled in dealing with homeland cybercriminals, such as child predators.  They have raided several citizens’ homes and reportedly brutalized them, only to find that it had misidentified the suspect due to a lack of investigation.  



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

By snakeInTheGrass on 4/28/2011 5:40:20 PM , Rating: 2
Changing the electoral system to allow a runoff would make a big change too, but despite all of the whining over 'the stolen election' in Florida, both parties shut up quickly. True democracy isn't what our leaders want.

As for 1/3 of agents being incompetent, I would have thought it would be higher. How many really good techies are looking for jobs to go violate other Americans privacy / spy on them? You need a court order to intercept mail? Well, how about we just tap your phone & email instead? I can't imagine how people working on those systems don't feel totally scummy.


By Master Kenobi (blog) on 4/28/2011 6:11:56 PM , Rating: 2
It is the pay and the bullshit that keep many of the top IT people away from these jobs. While an FBI salary of 90-100k isn't all that bad, you can easily rake in 150k+ as a contractor or penetration tester for major security corporations. The other problem with FBI and any other government agency is all of the beaurocracy. Many people in the IT field have little patience for it since they are all technical people, not a bunch of ladder climbing politicians like many in the leadership positions in these agencies. Start firing these politicians masking as management and start sticking in knowledgeable and skilled employees that get results and things might change. Until then the private sector is still the #1 place to be for anyone with decent technical skills.


"You can bet that Sony built a long-term business plan about being successful in Japan and that business plan is crumbling." -- Peter Moore, 24 hours before his Microsoft resignation














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki