Mueller: Cyber experts need offline investigative skills
- By Adam Mazmanian
- May 22, 2014
Robert Mueller said cybercrime investigators must be able to take the fight beyond cyberspace.
Former FBI director Robert Mueller put in a good word for his old agency's improving cybercrime and cybersecurity workforce development, even as the federal government is ramping up efforts to recruit and train qualified personnel.
The FBI has about 1,000 highly skilled agents and technical professionals with advanced computer science capabilities, Mueller said in an appearance at the Cybersecurity Law Institute at Georgetown University Law Center. More important, he said, the bureau is inculcating awareness of cyber threats at all levels, from the director's office on down.
"To know and understand any investigation, you have to have some level of cyber understanding," Mueller said.
FBI Director James Comey recently made waves by suggesting that the bureau might have to relax its rules on marijuana use when recruiting computer experts. Although Comey has since backpedaled, the mini-tempest is illustrative of the challenges faced by law enforcement in attracting top computer talent.
Despite ongoing issues with recruitment, the FBI has laid a solid foundation of cybercrime-fighting capabilities, Mueller said, and cross-agency coordination in particular has improved dramatically in the past decade. The National Cyber Investigative Joint Task Force, for instance, brings together 18 agencies that maintain cyber information, including the National Security Agency and the Department of Homeland Security.
"It's important to have those entities in one room and access to those databases" to identify the nation-state or organized crime group responsible for a breach before the trail grows cold, Mueller said.
And he added that cyber warriors must be able to take the fight to other battlefields -- offline and outside the nation's capital.
"My expectation is that in the future we will have virtual squads to make use of the capabilities we have in the organization," he said, rather than have everyone with cybersecurity skills based in the Washington, D.C., area.
And although computer skills are crucial, FBI agents also need the ability to track cyber clues offline wherever investigations take them. "You have to have the traditional skills," Mueller said, including an understanding of China and the cyber activities of the People's Liberation Army, state-sponsored hackers in Iran and Russia, and organized crime networks. "It's not just tracing it back on the Internet."
The recent indictment of five Chinese army hackers by the Justice Department are a case in point. The investigation tracked the infiltration into U.S. corporate networks over a period of eight years and uncovered not just allegations of specific intrusions but also commercial links between the hackers and Chinese firms that could have potentially benefited from the stolen information.
"It does put China on notice as to not only what we've seen but what we're willing to do in terms of disclosing that behavior," Mueller said. The indictments could also have a deterrent effect on hackers everywhere, he added.
"People don't focus sufficiently on the bodies behind the computers," he said. "Talk on the Hill is all about protecting databases [and] sharing information. But there's not much talk about upping the ante in terms of penalties for persons engaged in this behavior."
Although the five Chinese hackers named in the indictment are unlikely to see the inside of a U.S. courtroom, the 10- and 15-year penalties for offenses such as conspiring to commit computer fraud and stealing trade secrets might get the attention of would-be cybercriminals.
Adam Mazmanian is FCW's senior staff writer, and covers Congress, health IT and governmentwide IT policy. Connect with him on Twitter: @thisismaz.