April 29, 2011, 11:35 AM — Despite its growing digital surveillance capabilities and increasing responsibility for investigating and countering cyber attacks on the U.S., the FBI's core cyber security division turns out to be basically incompetent, according to a critical report from the Dept. of Justice. [PDF]
Part of the reason is that the 14 agencies that share some responsibility for online counter-espionage don't share information well. Another contributor is the lack of effective pressure from top managers to get agents trained in national-security intrusion topics and tactics.
Most of the reason is that the FBI spends twice as much effort investigating child porn as it does attempts by foreign governments to attack U.S. facilities or steal information that would damage U.S. national security, the report found.
To put that in perspective, the number of foreign attacks on the U.S. increased 40 percent between 2007 and 2008, according to the report, whose data are pretty old for such a sensitive topic.
An April study from McAfee showed 80 percent of utilities in 14 countries had been attacked during the previous year, an increase of almost 50 percent compared to the year before. Attacks ranged from distributed denial of services to intrusions to remove data to intrusions that attempted to take control of the utility's internal IT systems.
And that's just among civilian-run utility companies.
State Dept. documents released through WikiLeaks this month showed that years-long cyberattacks launched by the Chinese military had netted "terabytes" of sensitive data ranging from names and passwords that would give access to State Department computers, to the design of major weapons systems.
The "Byzantine Hades" attacks – and others coming from Russia and other unfriendly powers – represent a new state of cyberwar the U.S. is not yet prepared to fight.
The attacks have been so successful "we have given up on the idea we can keep our networks pristine," according to Stewart Baker, a former senior cyber-security official at the U.S. Department of Homeland Security and National Security Agency.
The focus has shifted instead to more sophisticated efforts to detect and counter intrusions as they're made.
