How qualified are FBI agents when it comes to handling computer-related threats to national security? Not well enough, according to a study released this week by the U.S. Department of Justice (DOJ).
DOJ officials interviewed FBI agents at 10 of the 56 field offices the agency occupies, and examined the education, work experience, and training that each agent received. Despite the Comprehensive National Cybersecurity Initiative (CNCI) assigned the bureau to ensure adequate support for investigating such crimes in 2008, nearly a third of agents were found to lack the necessary skills.
“Our audit found that of the 36 agents interviewed at the 10 field offices we visited, 64 percent of the agents assigned national security-related cyber investigations reported having the expertise needed to investigate these types of cases,” the report states. “The remaining 36 percent of these field agents reported that they lacked the networking and counterintelligence expertise to investigate national security intrusion cases. Moreover, five of the field agents we interviewed told us that they did not think they were able or qualified to investigate national security intrusions effectively.”
The DOJ also discovered that investigations were further obstructed by a lack of “forensic and analytical capability,” as well as an FBI policy that rotates agents across different offices to “promote a variety of work experience.”
FBI cyber division spokeswoman Jenny Shearer defended the agency, stating that departmental resources are limited by “congressional appropriations” and budgets are often exceeded. “We’re working hard on it,” she said.
Based upon their findings, DOJ officials recommended that the FBI develop an “intrusion specialty” for agents who are on a “cyber career path” and training courses for all agents on how to investigate “national security intrusion cases.”
Appendix VII of the report does indicate that the FBI has complied with DOJ recommendations issues. However, technology tends to evolve much more rapidly than government offices. Cyber attacks like that carried out against the Canadian government in February highlight the need for agents who can navigate systems as well as the criminals. The risk of such an attack will likely never be eliminated, but all agents assigned to investigate these crimes need to be technologically competent enough to handle them.
