Thursday, March 13, 2008

Review: 2009 FBI Congressional Budget Submission

The U.S. Department of Justice has submitted its FY 2009 budget for the FBI to Congress. This report provides insight into what the FBI believes are critical threats and the initiatives it would like funded. The 2009 budget reveals cyber crime (including politically motivated crimes) as a major issue and priority of the Bureau.

The Highlights:

  1. Requests over US $54,000,000 in increased budgeting for cyber crime initiatives - more than any other FBI initiative;
  2. Protecting cyber attacks against the U.S. is the third overall priority of the Counterterrorism/Counterintelligence (CT/CI) decision unit after preventing terrorist attacks (first priority) and foreign intelligence operations and espionage (second priority);
  3. Increasing threat from "Islamist extremists who have directly expressed an interest in attacking government and private computer systems";
  4. There has been a major increase in CI/CT computer intrusion cases: from 18 pending CT/CI computer intrusion cases in 2001 to 326 cases in 2007;
  5. More than 20 terabytes of sensitive information has been stolen from military and other sensitive national interest systems; and,
  6. The FBI continues to be challenged by rapid technology changes, shortage of skill sets and limited technical forensic capabilities.

The Details:

The report provides several 'external drivers and influences' related to cyber crime:
  • Communications revolution – advances in communications technology outpace the ability of the FBI to perform court-authorized intercepts; use of encryption and other communications technologies requires closer access to end-nodes; identity theft will make perpetrator identification more difficult;
  • Technological and scientific revolutions – reduced ability for threat groups or governments to hide undercover identity of agents; increase in espionage and cyber crime against U.S. corporations... inexpensive computing technology outpaces forensic science capacities
The report also notes an important attribute of nationalist-based politically motived computer crime:
"Sub-national and non-governmental entities are expected to play an increasing role in world affairs in the coming years, presenting new “asymmetric” and non-traditional threats to the U.S. Although the U.S. will continue to occupy a position of economic and political leadership — and although other governments will also continue to be important actors on the world stage — terrorist groups, criminal enterprises, and other non-state actors will assume an increasing role in international affairs. Nation states and their governments will exercise decreasing control over the flow of information, resources, technology, services, and people."
To meet the challenge of increasing computer intrusions, the budget requests 70 new Special Agents:
"The most significant challenge facing the Cyber program in FY 2009 is improving the FBI’s capacity for addressing more sophisticated and more frequent computer intrusion events. Acquiring this capability will necessitate the addition of 70 new Special Agent positions in FY 2009."
Interestingly, the FBI's cyber initiatives receive the greatest increases of any program in FY 2009 including:
  • Computer Intrusion Program - To conduct CT, CI, and criminal computer intrusion investigations where the Internet, computers, or networks are the primary tools or targets of the activity: US $10,231,000
  • Comprehensive National Cybersecurity Initiative - To allow the FBI to combat computer intrusions that hinder U.S. national security interests: US $38,648,000
  • Cyber Training - To provide additional specialized cyber training courses: US $5,389,000
These sums are for budget line items specifically related to cyber threats and do not include amounts incorporated in other line items. These amounts are larger than the proposed investment increase for such initiatives as 'Response to a WMD Incident' with a requested funding increase of US $30,055,000.

A detailed breakdown and justification for the Computer Intrusion Program includes:
"The FBI requests 57 positions (35 agents) and $10,231,000 ($655,000 non-personnel) for its Computer Intrusion Program (CIP). The request consists of 39 field personnel (25 agents, 6 investigative support, 7 clerical and 1 Information Technology Specialist) and 18 Headquarters (HQ) personnel (10 agents and 8 Management and Program Analysts) to conduct counterterrorism (CT), counterintelligence (CI), and criminal computer intrusion-related investigations where the Internet, computers, or networks are the primary tools or targets of the activity.


"The emerging threat to the U.S. of foreign information operations is expanding rapidly. The number of actors with the ability to utilize computers for illegal, harmful, and possibly devastating purposes continues to rise; most significant is the immediate threat posed by hostile nation states to our government, military, defense industrial base, and critical infrastructure networks. More than 20 terabytes of sensitive information has been stolen to date, disrupting military operations and significantly impacting the confidence in the integrity of our national information infrastructure. There is a growing threat of Islamist extremists who have directly expressed an interest in attacking government and private computer systems. As they develop more advanced skills, Islamist extremist hackers will pose an increasing threat, especially as they are not deterred by geopolitical realities that restrain the behavior of nation-states. As the only federal agency that has the statutory authority, expertise, and ability to combine the CT, CI, and criminal resources needed to effectively address illegal computer-supported operations, the FBI is in a unique position to counter cyber threats. As attacks increase in frequency, number, and sophistication, the FBI’s workload subsequently increases. Since FY 2001, there has been a 78 percent increase in the total number of computer intrusion investigations..."

"Of particular note is the increase in CT and CI computer intrusions. In FY 2001, there were 18 pending CT/CI computer intrusion cases, and as of December 2007, there were 316 cases."

The Cyber Program is described as:
"The FBI’s Cyber Program consolidates Headquarters and field resources dedicated to combating cyber-crime under a single entity. This allows the to Cyber Program coordinate, supervise, and facilitate the FBI's investigation of those federal violations in which the Internet, computer systems, or networks are exploited as the principal instruments or targets of terrorist organizations, foreign government-sponsored intelligence operations, or criminal activity.

"Included under the purview of the Cyber Program are counterterrorism, counterintelligence and criminal computer intrusion investigations; intellectual property rights-related investigations involving theft of trade secrets and signals; copyright infringement investigations involving computer software; credit/debit card fraud where there is substantial Internet and online involvement; online fraud and related identity theft investigations; and the Innocent Images National Initiative."

The budget documents the FBI's strategies to manage the case load of cyber crimes:
"Strategies to Accomplish Outcomes - With the current FY 2009 budget enhancement, the FBI anticipates addressing an ever-increasing caseload and hence changes in the amount of subsequent convictions/pre-trial diversions. The strategies to accomplish these outcomes includes; continuing and enhancing the alliances with the Intelligence Community (IC), the coordination of intelligence across the IC, and the most critical - the chairmanship of the Strategic Alliance Cyber Crime Working Group. This strategic alliance is a key initiative that addresses the increasing need for defending national security through joint cyber training, curriculum exchanges and joint investigative initiatives among five countries. This high-profile initiative has vast potential, with the ability to identify and exploit the Counterterrorism and Counterintelligence efforts within each of the participating countries. The Working Group has put forth a set of initiatives to develop cyber crime law enforcement strategy, leverage international cooperation between governments, law enforcement, and private industry, share information and training, share and develop new tools, and educate the public. Given the transnational nature of cyber crime, it is imperative to establish effective international cooperation and develop appropriate and consistent legislation. As cyber crimes cross national boundaries, international law enforcement cooperation is crucial. Because most laws and agencies operate within national borders, gaps exist in international legal coverage and harmonization of offences [sic], and agencies seek (or provide) international assistance only when a crime impacts their interests. A lack of staff with sufficient technical skills to effectively assist in investigating cyber crimes compounds this situation."
The report also contains background information and initiatives for other cyber threats such as child pornography, identity theft and online fraud.

FY2009 DoJ Congressional Budget Submission - Federal Bureau of Investigation

No comments: