Despite a push to bulk up its security expertise, the FBI in some case lacks the skills to properly investigate national security intrusions.
That was one of the major conclusions found in the US Department of Justice inspector general audit of the FBI's ability to address national security cyberthreats today. The DOJ looked at 10 of the 56 FBI field offices and interviewed 36 agents. Of those interviewed, 13 "lacked the networking and counterintelligence expertise to investigate national security intrusion cases".
The good news of course is that the audit found 23 of the agents there were qualified to handle national cyber intrusions, which are the FBI's top online priority. The report says that each of the FBI's 56 field offices has a cyber squad - some have more than one - devoted to cybercrime.
The report went on to say that the FBI's strategy of rotating agents every three years among FBI field offices, in an effort to encourage a variety of work experiences, hinders the agents' cybersecurity abilities. That's because upon transfer, these agents may not be assigned a cybersecurity function at the new office, wasting their expertise.
The DOJ also said many field office cyberforensic and analytical capabilities were "inadequate". The report was also critical of the FBI's inter-agency cybersecurity task force to share investigation information with other task force members.
Since 2007, the FBI has offered agents a Cyber Development Plan that includes 12 core security courses they can complete in five to seven years. However, the FBI redacted the number of agents who have completed the coursework from the report.
In the past year or so the FBI has been trying to hire security specialists. In 2009 it said it was hiring some 3,000 new employees that would include agents and IT professionals to language specialists.
Interestingly, the report follows one of the FBI biggest cyberthreat success stories, the taking down of the CoreFlood botnet.