New US National Cyber Investigative Joint Task Force Will Be Led by FBI

Since 2007, the FBI has very quietly put together a cadre of professionals with U.S. intelligence and other agencies to help battle crime on the Internet to help identify and respond to cyber threats against the United States. The name of the group is the National Cyber Investigative Joint Task Force (NCIJTF), and the FBI has a number of persons training together at an unnamed location near Washington. The leader of the new group is Shawn Henry, the FBI's deputy assistant director of the cyber division. Henry has stated the group is made up of intelligence, law-enforcement and other agencies from the U.S. government.

The FBI claims in a press release about the group that they plan on, “Expanding the National Cyber Investigative Joint Task Force (NCIJTF), to include representation from the U.S. Secret Service and several other federal agencies. This existing cyber investigation coordination organization overseen by the Federal Bureau of Investigation will serve as a multi-agency national focal point for coordinating, integrating, and sharing pertinent information related to cyber threat investigations.”

About the joint project, the Department of Homeland Security says the task force is being enlarged to include the U.S. Secret Service and other federal agencies. The Secret Service claims that part of the job of fighting counterfeiting will be to investigates "computer-based attacks on our nation's financial, banking, and telecommunications infrastructure."

FBI Director Robert Mueller describes the force as a partnership between agencies to counter cyber threats from foreign intelligence. He wrote, “We are also uniquely positioned to investigate counterintelligence threats in the cyber arena. The FBI is partnered in the National Cyber Investigative Joint Task Force with elements of the intelligence community to investigate and respond to counterintelligence cyber threats.”

The FBI says the NCIJTF will have several parts, being “two complimentary components, the Information Operations Group (IOG) and the Analytical Group (AG).” The leadership, being the NCIJTF AG, will proceed by seeking to “synthesize a common operating picture of hostile intrusion related activity to aid investigations, reviews all-source data, and produces quarterly reports. The NCIJTF IOG provides a forum for de-conflicting and collaborating on investigations and provides centralized coordination of operational initiatives.”

The FBI describes the structure and approach of the NCIJTF, saying it will work by using shared investigation and resources, and will have six goals it follows:

“1) serve as the primary interface among the participating agencies and other agencies; 2) develop a global view of information warfare activity; 3) identify intelligence gaps; 4) create a strategic framework to develop operations; 5) de-conflict investigations and operations among participants; and, 6) generate timely intelligence to support operations and to allow targeted entities to harden their networks.”

The FBI budget asks for: “211 positions (35 Agents and 113 Intelligence Analysts) and $38,648,000 in personnel and non-personnel funding in support of investigative, intelligence, and technical requirements of the Comprehensive National Cybersecurity Initiative.”

These funds will be used for, “infrastructure requirements, cyber training, intelligence/information sharing and analysis resource requirements, equipment funding for the continued operations and maintenance costs of its Consolidated Collection CALEA Cell Site Server and Carrier Records Digital Interfacing efforts”

The Government says the purpose of the NCIJTF is to mitigate and eliminate cyber threats. The FBI plans to do this by approaching the threats from many different angles, employing, “sufficient numbers of investigators to identify, monitor, disrupt, and eventually predict additional hostile activity. Identifying the threat requires responding to all computer network intrusions affecting U.S. national security and collecting intelligence that provides insight into the tradecraft and command and control. Effectively predicting and disrupting the threat requires targeting the organizations and people behind this activity. The FBI must leverage current authorities, technology, and IC partnerships to expand current and develop new operational initiatives designed to identify the methods of attack, prove state sponsorship, and proactively disrupt the foreign exploitation of U.S. computer networks.”

As to the U.S. attitude towards cyber terrorism, Henry replied: "Our response has to constantly change and grow because the threat is constantly changing and growing."