Cybersecurity

Mueller: Cyber experts need offline investigative skills

Robert Mueller said cybercrime investigators must be able to take the fight beyond cyberspace.

Former FBI director Robert Mueller put in a good word for his old agency's improving cybercrime and cybersecurity workforce development, even as the federal government is ramping up efforts to recruit and train qualified personnel.

The FBI has about 1,000 highly skilled agents and technical professionals with advanced computer science capabilities, Mueller said in an appearance at the Cybersecurity Law Institute at Georgetown University Law Center. More important, he said, the bureau is inculcating awareness of cyber threats at all levels, from the director's office on down.

"To know and understand any investigation, you have to have some level of cyber understanding," Mueller said.

FBI Director James Comey recently made waves by suggesting that the bureau might have to relax its rules on marijuana use when recruiting computer experts. Although Comey has since backpedaled, the mini-tempest is illustrative of the challenges faced by law enforcement in attracting top computer talent.

Despite ongoing issues with recruitment, the FBI has laid a solid foundation of cybercrime-fighting capabilities, Mueller said, and cross-agency coordination in particular has improved dramatically in the past decade. The National Cyber Investigative Joint Task Force, for instance, brings together 18 agencies that maintain cyber information, including the National Security Agency and the Department of Homeland Security.

"It's important to have those entities in one room and access to those databases" to identify the nation-state or organized crime group responsible for a breach before the trail grows cold, Mueller said.

And he added that cyber warriors must be able to take the fight to other battlefields -- offline and outside the nation's capital.

"My expectation is that in the future we will have virtual squads to make use of the capabilities we have in the organization," he said, rather than have everyone with cybersecurity skills based in the Washington, D.C., area.

And although computer skills are crucial, FBI agents also need the ability to track cyber clues offline wherever investigations take them. "You have to have the traditional skills," Mueller said, including an understanding of China and the cyber activities of the People's Liberation Army, state-sponsored hackers in Iran and Russia, and organized crime networks. "It's not just tracing it back on the Internet."

The recent indictment of five Chinese army hackers by the Justice Department are a case in point. The investigation tracked the infiltration into U.S. corporate networks over a period of eight years and uncovered not just allegations of specific intrusions but also commercial links between the hackers and Chinese firms that could have potentially benefited from the stolen information.

"It does put China on notice as to not only what we've seen but what we're willing to do in terms of disclosing that behavior," Mueller said. The indictments could also have a deterrent effect on hackers everywhere, he added.

"People don't focus sufficiently on the bodies behind the computers," he said. "Talk on the Hill is all about protecting databases [and] sharing information. But there's not much talk about upping the ante in terms of penalties for persons engaged in this behavior."

Although the five Chinese hackers named in the indictment are unlikely to see the inside of a U.S. courtroom, the 10- and 15-year penalties for offenses such as conspiring to commit computer fraud and stealing trade secrets might get the attention of would-be cybercriminals.

About the Author

Adam Mazmanian is executive editor of FCW.

Before joining the editing team, Mazmanian was an FCW staff writer covering Congress, government-wide technology policy, health IT and the Department of Veterans Affairs. Prior to joining FCW, Mr. Mazmanian was technology correspondent for National Journal and served in a variety of editorial roles at B2B news service SmartBrief. Mazmanian started his career as an arts reporter and critic, and has contributed reviews and articles to the Washington Post, the Washington City Paper, Newsday, Architect magazine, and other publications. He was an editorial assistant and staff writer at the now-defunct New York Press and arts editor at the About.com online network in the 1990s, and was a weekly contributor of music and film reviews to the Washington Times from 2007 to 2014.

Click here for previous articles by Mazmanian. Connect with him on Twitter at @thisismaz.


The Fed 100

Read the profiles of all this year's winners.

Featured

  • Then-presidential candidate Donald Trump at a 2016 campaign event. Image: Shutterstock

    'Buy American' order puts procurement in the spotlight

    Some IT contractors are worried that the "buy American" executive order from President Trump could squeeze key innovators out of the market.

  • OMB chief Mick Mulvaney, shown here in as a member of Congress in 2013. (Photo credit Gage Skidmore/Flickr)

    White House taps old policies for new government makeover

    New guidance from OMB advises agencies to use shared services, GWACs and federal schedules for acquisition, and to leverage IT wherever possible in restructuring plans.

  • Shutterstock image (by Everett Historical): aerial of the Pentagon.

    What DOD's next CIO will have to deal with

    It could be months before the Defense Department has a new CIO, and he or she will face a host of organizational and operational challenges from Day One

  • USAF Gen. John Hyten

    General: Cyber Command needs new platform before NSA split

    U.S. Cyber Command should be elevated to a full combatant command as soon as possible, the head of Strategic Command told Congress, but it cannot be separated from the NSA until it has its own cyber platform.

  • Image from Shutterstock.

    DLA goes virtual

    The Defense Logistics Agency is in the midst of an ambitious campaign to eliminate its IT infrastructure and transition to using exclusively shared, hosted and virtual services.

  • Fed 100 logo

    The 2017 Federal 100

    The women and men who make up this year's Fed 100 are proof positive of what one person can make possibile in federal IT. Read on to learn more about each and every winner's accomplishments.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group