Information sharing at times is lacking within a FBI-led multi-agency task force created to coordinate and integrate and share information at a national level for the investigation into cyber intrusions, the Department of Justice’s (DoJ) Inspector General’s Office says in a new report.
The recently released report also says that about one-third of the FBI’s field agents assigned to investigate cyber intrusions lacked key capabilities to do so.
The IG interviewed 36 agents in 10 of the FBI’s 56 field offices and 36 percent said “that they lacked the networking and counterintelligence expertise to investigate national security intrusion cases,” says the report, The Federal Bureau of Investigation’s Ability to Address the National Security Cyber Intrusion Threat (Audit Report 11-22). “Moreover, five of the agents we interviewed told us they did not think they were able or qualified to investigate national security intrusions effectively.”
Another shortfall that the IG found in the field offices was in the areas of forensics and analytics to conduct support cyber intrusion investigations.
Sen. Susan Collins (R-Maine), the ranking member on the Senate Homeland Security and Governmental Affairs Committee, responded to the IG’s report that “it is so troubling that the federal government has not adequately trained its cyber professionals to combat these threats,” citing cyber attacks on small and medium-size businesses in the United States as well as attacks against the federal government.
As for the FBI-led National Cyber Investigative Joint Task Force (NCIJTF), the IG says the FBI has completed interim goals such as an operational plan and the establishment of threat focus cells for the multi-agency task force and “identified techniques and tactics being used to attack U.S. computer networks.”
But at times the NCIJTF isn’t sharing information between its member agencies, the report says. Although partner agencies within the task force are co-located and are expected to work together daily, the IG says “some agencies were often asked to leave” meetings where new information was being shared.
The IG also says that information sharing is supposed to be done using a common framework, yet four presidentially-mandated agencies and only eight of 14 partner agencies have signed a memorandum of understanding about how information sharing should be done.