FBI organizes defense against cyber-attacks

FBI organizes defense against cyber-attacks
FBI organizes defense against cyber-attacks 

By Shaun Waterman
United Press International
April 21, 2008

The FBI quietly established last summer a task force involving U.S. 
intelligence and other agencies to identify and respond to cyberthreats 
against the United States.

Called the National Cyber Investigative Joint Task Force, the group has 
"several dozen" personnel working together at an undisclosed location in 
the Washington area, said Shawn Henry, the FBI's deputy assistant 
director of its cyberdivision.

In an interview with United Press International, Mr. Henry was 
tight-lipped about the task force's composition, saying only that it 
involved "several intelligence, law-enforcement and other agencies from 
across the U.S. government."

Documents released earlier this month by the Homeland Security 
Department said the task force was being expanded "to include 
representation from the U.S. Secret Service and several other federal 

During congressional testimony last year, FBI Director Robert S. Mueller 
III said the task force was a partnership with other agencies to deal 
with cyberthreats from foreign intelligence.

The FBI's justification for next year's budget, in which it has 
requested an additional 70 agents and more than 100 support personnel 
for its cyberdivision, says the task force "seeks to address 
cyber-intrusions presenting a national security threat."

The idea, Mr. Henry said, is for the partner agencies to "share 
information and make sure we're not overlapping in our response."

"If you serve a physical search warrant, and other agencies are 
involved, you can see them at the door," he said, adding that in virtual 
investigations it was more difficult to know who else might be on the 

"We're sharing investigative and threat information," he said, "looking 
at the attacks [each agency is] seeing and the methodologies being 

>From the FBI's point of view, Mr. Henry added, the task force "allows us 
to get visibility for our field offices across the country" into how 
threats are developing and what investigations are going on.

The task force looks at "all cyberthreats," he said, but is focused on 
"organizations that are targeting U.S. infrastructure."

He declined to comment further, but in recent congressional testimony, 
Director of National Intelligence Michael McConnell named Russia and 
China as among the most important cyber-adversaries for the United 

Mr. Henry said it is important to be "adversary neutral" in combating 

"A network can be attacked by a terrorist group, a foreign power, or a 
hacker kid from Oklahoma City ... Networks need to be protected from all 
threats because once [sensitive] data has been stolen, it can be 
transferred anywhere," he said.

In recent testimony, Mr. McConnell said the U.S. government is "not 
prepared to deal with" the cyberthreats it faces. And Homeland Security 
Secretary Michael Chertoff told a bloggers roundtable last month that 
cybersecurity is "the one area in which I feel we've been behind where I 
would like to be."

Asked whether the U.S. government is getting a handle on the problem, 
Mr. Henry said, "Our response has to constantly change and grow because 
the threat is constantly changing and growing."

He said that one of the most-worrying aspects of cyberthreats is the 
extent to which "the offense outstrips the defense."

"The pace of technological change ... the increasing connectivity [of 
networks] creates more opportunity for exploitation" of vulnerabilities, 
he said.

Subscribe to the InfoSec News RSS Feed 

Site design & layout copyright © 1986-2014 CodeGods