FBI's Ability To Disrupt Cybercrime Has Deteriorated

Uploaded on 2018-01-19 in NEWS-News Analysis, GOVERNMENT-Law Enforcement, FREE TO VIEW

FBI agents took down or disrupted only about one-tenth as many cyber-criminal operations during the 2017 fiscal year as they did three years earlier, according to annual reports.

The number of cyber-crime operations that FBI agents dismantled or disrupted fell from nearly 2,500 in fiscal year 2014, the first year reliable records were kept, to just 262 in fiscal year 2017, according to annual audits.

Agents disrupted or dismantled 510 cyber-crime operations in fiscal year 2015 and 259 operations in fiscal year 2016, according to the audits.

The FBI missed its own target of 500 disruptions or dismantlements in fiscal years 2016 and 2017, according to the report.

Despite missing that goal, the FBI’s cyber division “made noteworthy progress towards neutralising global cyber threats,” according to the 2017 report. The bureau also continues to list cyber operations as one of its major priorities and officials frequently highlight cyber operations during public events.

Dismantlement means that the organisation’s financial base and supply networks have all been rendered inoperable, according to the audit documents, while disruptions mark major milestones on the road to dismantlement.

It’s not clear if the ten-fold reduction in disruptions and dismantlements reflects a shift in FBI priorities, a change in tactics or some other cause.

An FBI spokesman declined to comment on the figures or to provide additional context.

The audit documents don’t describe any change in definitions or methodology that might account for the massive reduction.

FBI budget documents don’t break out year-on-year cyber operations funding, which might give another clue to the reduction.

The disruption and dismantlement numbers also don’t account for the varying size and complexity of cyber-crime operations, which can range from a few miscreants trading in stolen credit card numbers to major financial fraud operations and global botnet armies.

Private-sector analyses have typically shown that the financial damage from cyber-crime has grown year on year, though it’s notoriously difficult to suss-out hard numbers in the murky world of cyberspace.  

The FBI is working on improving how it describes and prioritises cyber threats, following a 2016 recommendation from the bureau’s internal auditor, according to the 2017 report.

The FBI’s current methodology “does not prioritise cyber threats in an objective, data-driven, reproducible, and auditable manner,” the bureau’s inspector general found.

DefenseOne:

You Might Also Read: 

FBI Fingerprint Software Might Contain Russian code:

Fighting Digital Crime: Evolving Police Methods:

« The Top 5 Tech Trends For 2018
4 Steps To Get Ready For GDPR »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Caliber Security Partners

Caliber Security Partners

Caliber Security Partners is a full-service information security company, with a wide range of security services for clients with varying levels of security maturity.

CyberSecurity Malaysia

CyberSecurity Malaysia

CyberSecurity Malaysia is the national cyber security specialist agency under the Ministry of Science, Technology and Innovation (MOSTI).

MKD-CIRT

MKD-CIRT

MKD-CIRT is the national Computer Incident Response Team for Macedonia.

IABG

IABG

Activities include consulting services in the development of software systems in the area of secure information and data communication.

CyberForce Competition

CyberForce Competition

The CyberForce Competition is a US Department of Energy cyber defense competition that focuses on the defensive/hardening aspects of energy cyber infrastructure.

Tech Nation

Tech Nation

Tech Nation is the UK’s first national scaleup programme for the cyber security sector, aimed at ambitious tech companies ready for growth, at home and abroad.

Get Indemnity

Get Indemnity

Get Indemnity are specialist insurance brokers with experience working on a wide range of innovative business insurance products that combine risk management, indemnity and incident response services.

Cyber Security Cloud (CSC)

Cyber Security Cloud (CSC)

Cyber Security Cloud provides web application security services worldwide using world's leading cyber threat intelligence and AI technology.

ACET Solutions

ACET Solutions

ACET Solutions delivers a wide range of Automation, Cyber Security and Enterprise IT/OT Integration Solutions to industrial clients.

SightGain

SightGain

SightGain is the only integrated risk management solution focused on cybersecurity readiness using real-world attack simulations in your live environment.

Onesecure Asia

Onesecure Asia

ONESECURE Asia’s expertise and services are built around its mission to provide reliable, robust and scalable technology solutions to cater for its customers’ needs.

Center for Medical Device Cybersecurity (CMDC) - University of Minnesota

Center for Medical Device Cybersecurity (CMDC) - University of Minnesota

CMDC’s mission is to foster university-industry-government partnerships to assure that medical devices are safe and secure from cybersecurity threats.

Institute for Pervasive Cybersecurity - Boise State University

Institute for Pervasive Cybersecurity - Boise State University

Boise State University’s Institute for Pervasive Cybersecurity is a leader of innovative cybersecurity research and advancement in Idaho and the region.

Cyber Security Authority (CSA) - Ghana

Cyber Security Authority (CSA) - Ghana

The Cyber Security Authority has been established to regulate cybersecurity activities in Ghana.

Grove Security

Grove Security

Grove provides businesses with the tools that work best for their unique operations, through cybersecurity and cloud services, custom software development and our big data analytics expertise.

US Department of State - Bureau of Cyberspace & Digital Policy

US Department of State - Bureau of Cyberspace & Digital Policy

The Bureau of Cyberspace and Digital Policy leads and coordinates the Department’s work on cyberspace and digital diplomacy to encourage responsible state behavior in cyberspace.