FBI: Our hacker force inadequate

[mea culpa <jericho () DIMENSIONAL COM>]

From: Robert Kemp <sensuant () hotmail com>


FBI: Our hacker force inadequate

WASHINGTON (AP) - The FBI is teaching agents across the country how to
investigate threats posed by computer-savvy terrorists and hackers trying
to break into the nation's most sensitive data networks.  But so far, the
bureau has been able to train agents in only a handful of its biggest
field offices.

That shortfall, disclosed in congressional testimony by the head of the
FBI's National Infrastructure Protection Center, comes during a time of
growing recognition within the federal government that even some of the
nation's most critical computer networks are inadequately protected.

Michael Vatis, director of the NIPC, told the Senate Judiciary technology
and terrorism subcommittee Wednesday that the FBI has trained teams of at
least seven cyber agents each in field offices in Washington, New York,
San Francisco, Los Angeles and four other cities.

But ''because of resource constraints, the other field offices have only
one to five agents dedicated to working on ... (computer intrusion)
matters,'' Vatis told the Senate panel.

''Our bench is thin, very thin,'' Vatis told The Washington Post. ''We
have put together a good starting lineup. But if we had several major
incidents at the same time, we would be severely stretched, to put it
mildly.''

The FBI's case load for computer hacking and intrusion investigations
continues to grow dramatically, too. Vatis said the agency has 800 pending
cases, and the number of those investigations has doubled every year for
the past two years.

The General Accounting Office released a report earlier this week warning
that computer systems at the Defense Department, law enforcement agencies
and private companies are at risk because of poor management and lax
oversight.

Experts said it will take more than the federal government to tighten
security on its networks.

''All our efforts to put the federal government's house in order and to
serve as a model for industry will be of little service if our government
information systems are impossible to break into, but the electrical power
that they operate on is shut down by malicious actions of a foreign
government,'' said John Tritak, director of the government's Critical
Infrastructure Assurance Office.

Vatis also publicly acknowledged for the first time that the FBI believes
hackers suspected of breaking into some of America's most sensitive
networks earlier this year were based in Russia.

Those attacks, dubbed ''Moonlight Maze'' by investigators, were first
reported in July by a London newspaper. Citing congressional sources, the
paper said the attackers may have stolen some of the nation's most
sensitive military secrets, including weapons guidance systems and naval
intelligence codes.

The intruders have stolen ''unclassified but still-sensitive information
about essentially defense technical research matters,'' Vatis said.
''About the furthest I can go is to say the intrusions appear to originate
in Russia,'' he told the subcommittee.

ISN is sponsored by Security-Focus.COM