The FBI’s Role in Cybersecurity

Today, Richard P. Quinn, National Security Special Agent in Charge for the FBI’s Philadelphia Field Office, gave a statement before the House Homeland Security Committee, Subcommittee on Cyber Security, Infrastructure Protection, and Security Technologies.  In the statement, Quinn outlined the FBI’s role in cybersecurity.  Here are the takeaways:

• The Cyber Threat and the FBI Response.  Recognizing the broad range of entities that present a cyber threat–state-sponsored hackers, hackers for hire, global cyber syndicates, and terrorists–the FBI is: (1) “prioritizing high-level intrusions”; (2) working in cooperation with federal, state, and local Cyber Task Forces and through the National Cyber Investigative Joint Task Force (NCIJTF); (3) partnering with the private sector; and, (4) coordinating overseas cyber investigations and supporting key partners, such as The Hague.

• Recent Successes.  To name a few:
  • By “targeting infrastructure [the FBI] believe[s] has been used in distributed denial of service (DDoS) attacks[,]” the FBI has enabled “foreign partners to take action” and reduced the “effectiveness of the botnets and the DDos attacks[]”;
  • Operation Clean Slate–an FBI Cyber Division initiative to disrupt and dismantle botnets threatening US security–“to date . . . has resulted in several successes[,]” including the disruption of Citadel Botnet and ZeroAccess Botnet;
  • Aleksandry Andreevich Panin pled guilty in January of this year to conspiracy to commit wire and bank fraud, charges arising from his role in developing Spyeye, which is “malicious software” that “infected more than 1.4 million computers.”

• Next Generation Cyber Initiative.  Briefly, “[t]he FBI’s Next Generation Cyber Initiative, which [it] launched in 2012, entails a wide range of measures, including focusing the Cyber Division on intrusions into computers and networks–as opposed to crimes committed with a computer as a modality; establishing Cyber Task Forces in each of [the FBI’s] 56 field offices to conduct cyber intrusion investigations and respond to significant cyber incidents; hiring additional computer scientists to assist with technical investigations in the field; and expanding partnerships and collaboration at the NCITJF.”

• Private Sector Outreach.  “The FBI’s newly established Key Partnership Engagement Unit (KPEU) manages a targeted outreach program focused on building relationships with senior executives of key private sector corporations.  Through utilizing a tiered approach, the FBI is able to prioritize our efforts to better correlate potential national security threat levels with specific critical infrastructure sectors.”

You can read the full statement here.