Information Warfare: The FBI Finds A Clue

Archives

April 9, 2015: At the end of March the U.S. FBI (Federal Bureau of Investigation) released a report on FBI use of Internet and computer based operations. While acknowledging progress in developing Internet based intelligence and analysis capabilities within the FBI it was pointed out these capabilities are not yet fully appreciated by senior leadership. This leads to less use of FBI Internet and software experts than possible. Computer savvy field agents have a hard time getting all the attention they could use when it comes to FBI Cyber War and analysis resources. FBI Internet experts also have a hard time getting all the tools they need because their work is not seen as important as it actually is. As bad as this sounds it is actually good news because the FBI has made a lot of progress in this area in the last decade. 

Since 2000 the FBI has been striving to catch up with the demand for special agents and support staff possessing the computer skills needed to deal with computer based crime and espionage. A 2011 survey found that about a third of the agents assigned to computer crime teams felt they lacked the skills to handle all the demands of the job. In response the FBI has made increasingly vigorous and public efforts to increase the number of special agents (the FBI operatives who do most of the investigating) and support personnel with Cyber skills. Progress has been slow and the latest effort involves aggressive advertising seeking applicants to be special agents with substantial Internet security and hacker skills. As with other special agents the applicants must have a college degree and be able to pass an intense background investigation. The FBI ads list numerous technical skills applicants should have (to a significant degree, the more the better). Those skills include programming, network security, hacking (nothing illegal, of course, much less getting arrested for it), malware analysis, digital forensics and so on. Many college level software engineering programs now cover all this but the FBI is looking for applicants with practical experience as well. Those accepted, and who pass the regular special agent training and the new “Special Agent (Cyber)” course would become a special agent who can be used on computer crime (fraud, theft, espionage) cases.

All this is part of a recruiting effort that began in 2009 as the FBI sought to recruit 850 special agents and 2,100 other specialists with Cyber skills.  With 30,200 employees (40 percent of them "special agents") the FBI had finally admitted that it needed a lot more people with Cyber skills and it needed them fast. In 2009, with a recession going on it seemed a good time to be recruiting computer specialists. But this effort did not increase, much, the number of special agents with high grade computer chops. However, the addition of more computer savvy special agents did make it easier for senior FBI officials to get more timely updates from the young agents who could be trusted to accurately describe what the FBI was facing. What the FBI leadership heard, and now understood better, was not good news. The FBI had long played down the Cyber War threats and resisted the introduction of PCs in FBI operations. Now came the realization that the threat was much larger than leadership had ever appreciated and that the FBI was poorly equipped to deal with the threat.

The FBI is responsible for going after criminals (including terrorists and spies) that operate via the Internet. The problem is that, for decades, the FBI had been way behind when it came to computer technology. Since the late 1990s the FBI has tried to catch up. A major problem has been hiring technically competent people. There were several reasons for this difficulty First, the FBI is a pretty straight-laced organization, not the sort of environment that appeals to cutting edge computer techies. This puts off a lot of good people the FBI would like to have. Another problem is money. The FBI employees are paid according to civil service pay scales. This system makes it difficult to hire hot-shot computer experts at market wages. The FBI solution initially was to hire whoever they could get, and then train them. This included a lot of on-the-job training. The problem with this approach was that when these FBI employees got really expert, they noted that they could make a lot more money using their new skills in a non-government job and left.

The FBI responded to this by creating working relationships with companies that had the highly paid Internet experts. Not quite the same as hiring expensive consultants, but it gave the FBI access to top notch computer skills when they needed it most. Internet security companies, in particular, liked the working relationship with the FBI, because these outfits tracked a lot of computer crime. In turn, the FBI had access to a lot more detail on computer crime, and people who had better skills and tools for hunting down the cybercrooks.

This is not the way the FBI normally likes to operate. At first, the FBI tried to create and maintain a database of online crime. But they didn't have the people, or other resources, to handle it. However, they discovered that commercial Internet security firms were already doing this, and found that these commercial databases were good enough. Working this much with commercial firms is new for the FBI. However, with all the rapidly changing computer technology, and Internet crime techniques, this is the only way the feds could cope. The cooperation with commercial firms also makes it easier to get other government agencies to work together. To take on Internet crime, the FBI had to include the Postal Service, the Federal Trade Commission, as well as a number of other federal, state, local and foreign law enforcement organizations in partnerships. It's a whole new way of operating for the FBI.

All this was mainly in support of the war on terror, and also to replace the growing number of baby boomers who are retiring. The FBI was eager to increase the proportion of agents and support personnel possessing more foreign language as well as computer skills. This was critical as the FBI stationed more personnel overseas after 2001. For over 70 years, the FBI has had a presence overseas. While the CIA was created after World War II to specialize in collecting intelligence overseas (and is forbidden by law from doing that in the United States), the FBI always maintained some presence abroad. Even before September 11, 2001, the FBI was sending more agents overseas as part of domestic counter-terror operations. Currently, there are over 200 FBI personnel stationed overseas, in nearly fifty countries. The FBI usually operates out of the local U.S. embassy.

Back home, the FBI is responsible for detecting and defeating large scale computer crime operations. This is becoming a larger and larger responsibility, and the Bureau wants more people qualified to hunt down the cyber criminals, and build a criminal case against them.