FBI's Ability To Disrupt Cybercrime Has Deteriorated

Uploaded on 2018-01-19 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

FBI agents took down or disrupted only about one-tenth as many cyber-criminal operations during the 2017 fiscal year as they did three years earlier, according to annual reports.

The number of cyber-crime operations that FBI agents dismantled or disrupted fell from nearly 2,500 in fiscal year 2014, the first year reliable records were kept, to just 262 in fiscal year 2017, according to annual audits.

Agents disrupted or dismantled 510 cyber-crime operations in fiscal year 2015 and 259 operations in fiscal year 2016, according to the audits.

The FBI missed its own target of 500 disruptions or dismantlements in fiscal years 2016 and 2017, according to the report.

Despite missing that goal, the FBI’s cyber division “made noteworthy progress towards neutralising global cyber threats,” according to the 2017 report. The bureau also continues to list cyber operations as one of its major priorities and officials frequently highlight cyber operations during public events.

Dismantlement means that the organisation’s financial base and supply networks have all been rendered inoperable, according to the audit documents, while disruptions mark major milestones on the road to dismantlement.

It’s not clear if the ten-fold reduction in disruptions and dismantlements reflects a shift in FBI priorities, a change in tactics or some other cause.

An FBI spokesman declined to comment on the figures or to provide additional context.

The audit documents don’t describe any change in definitions or methodology that might account for the massive reduction.

FBI budget documents don’t break out year-on-year cyber operations funding, which might give another clue to the reduction.

The disruption and dismantlement numbers also don’t account for the varying size and complexity of cyber-crime operations, which can range from a few miscreants trading in stolen credit card numbers to major financial fraud operations and global botnet armies.

Private-sector analyses have typically shown that the financial damage from cyber-crime has grown year on year, though it’s notoriously difficult to suss-out hard numbers in the murky world of cyberspace.  

The FBI is working on improving how it describes and prioritises cyber threats, following a 2016 recommendation from the bureau’s internal auditor, according to the 2017 report.

The FBI’s current methodology “does not prioritise cyber threats in an objective, data-driven, reproducible, and auditable manner,” the bureau’s inspector general found.

DefenseOne:

You Might Also Read: 

FBI Fingerprint Software Might Contain Russian code:

Fighting Digital Crime: Evolving Police Methods:

« The Top 5 Tech Trends For 2018
4 Steps To Get Ready For GDPR »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

SCADAhacker

SCADAhacker

SCADAhacker provides mission critical information relating to industrial security of SCADA, DCS and other Industrial Control Systems.

Metasploit

Metasploit

Metasploit penetration testing software helps find security issues, verify vulnerabilities and manage security assessments.

Lares Consulting

Lares Consulting

Lares is a security consulting firm that helps companies secure electronic, physical, intellectual, and financial assets through a unique blend of assessment, testing and coaching.

ProPay

ProPay

ProPay provides secure payment solutions for organizations ranging from small businesses to large enterprises requiring complex payment solutions.

BoldCloud

BoldCloud

BoldCloud's award winning Cybersecurity Advisory services and Layered Security approach adds new critical layers of protection for your data and your business.

drie

drie

drie is an end-to-end cloud services company based in Bahrain, Dubai and London. We enable businesses to adopt, scale on and build for cloud.

BlackDice Cyber

BlackDice Cyber

Threat Intelligence is only part of the solution. Our solution matches threats to vulnerabilities and automatically takes remedial action against compromised apps, devices and websites.

Cider Security

Cider Security

Cider Security - It’s time to revolutionize the way Security, Dev and DevOps teams work together to supercharge security at the speed of engineering.

AArete

AArete

AArete is a global management and technology consulting firm specializing in strategic profitability improvement, digital transformation, and advisory services.

Google Cloud

Google Cloud

Accelerate your digital transformation. Whether your business is early in its journey or well on its way to digital transformation, Google Cloud can help solve your toughest challenges.

Keytos

Keytos

Keytos has revolutionized the Identity Management and PKI industry by creating cryptographic tools that allow you to go password-less by making security transparent to the user.

Cyber News Live

Cyber News Live

Welcome to Cyber News Live (CNL), we are dedicated to keeping everyone safe online. We provide vital information.

Emantra

Emantra

Emantra specialises in the enablement of Secure Cloud services through it’s comprehensive Sovereign Cloud Hosting, Secure Access Service Edge, and managed services.

Oak9

Oak9

Oak9's Security as Code platform dynamically secures Infrastructure as Code (IaC) and deployed cloud workloads, automatically.

Mother Technologies

Mother Technologies

From Datacentre to Desktop, Mother Technologies has been delivering IT Support, Telecoms, Cybersecurity and Connectivity services to businesses across Scotland and beyond since 2002.

Softanics

Softanics

Softanics’ ArmDot protects .NET apps with advanced obfuscation, control flow protection, and virtualization, securing code against reverse engineering without requiring agents or environment changes.