Jim Kouri
FBI undergoes internal threat assessment
By Jim Kouri
Internal security is vital to the Federal Bureau of Investigation's efforts to protect the United States. As the agency responsible for counterintelligence, counterterrorism, cyber, and major criminal investigations, the FBI is a high-priority target for virtually every hostile and many otherwise friendly intelligence services, terrorist organizations, criminal groups, and individuals with grievances against the US Government.
The nature of the threat posed by these various groups and individuals is a function of their intent, and thus varies with the particular agenda of each. Criminal groups, for example, benefit from knowing specifics of ongoing investigations. Timely knowledge of who is under investigation, which communication lines are under surveillance, or who is providing information to the government can effectively cripple an ongoing case.
Because of its high visibility as a well-known element of the US Government, many terrorist groups view the FBI as a desirable target for attack. Because of these threats, the director of the FBI took immediate action to consolidate and centralize management of security programs by placing responsibility and authority for all such programs under its relatively new security division.
The security program will expand over the next five years guided by a philosophy of evolutionary rather than revolutionary change. It is assuming an oversight role in the management of security programs that were previously controlled by the field offices and the FBI Headquarters' divisions. The FBI recognizes that all security threats, vulnerabilities, and risks must be identified, assessed, evaluated, and managed using a systematic and rational process as part of a continuing operational strategy.
Security and counterintelligence professionals generally agree that the most significant threat to an organization's internal security is betrayal by a trusted insider. An individual with legitimate access who chooses to betray the FBI's trust is particularly damaging because compromise of information may continue over an extended period of time and encompass a wide range of programs. Worse, the insider can target his or her activities to compromise the information most relevant to the needs of the adversary. If undetected over a period of time, a person could rise to a leadership position within an organization from which he or she may influence policy.
To enhance countermeasures against these threats, the FBI developed, implemented, and expanded its Financial Disclosure and Personnel Security Polygraph Programs. These measures have already minimized the threat, but additional actions are needed to further protect the FBI and the nation.
The proliferation of information technology in recent years has resulted in dramatic changes in the threat environment. The explosion in electronic data handling has profoundly altered the manner in which most modern organizations, including the FBI, manage information.
While modern technology allows the storage, movement, and retrieval of vast amounts of data to the benefit of investigators and analysts, it also allows, absent highly sophisticated security precautions, the lightning-fast theft of vast amounts of information, or the crippling of response capabilities in a time of crisis.
Experience has shown that the cyber threat is typically a human problem, not a technical problem. Even though it is true that information systems and networks offer attractive targets, it is invariably the human element in those systems that make them exploitable. Information systems and networks have human involvement during the complete system lifecycle. They are vulnerable during construction, shipment, installation, operation, maintenance, and disposal.
Advanced technology solutions alone will not solve the problem. The approach must be multidisciplinary and must cover the complete lifecycle of information systems, data, and human intervention. To meet these threats, the FBI developed and implemented a Certification and Accreditation process that has been incorporated into the organization's information technology investment and development lifecycle, including all legacy systems.
However, additional measures are needed to further protect the FBI from the compromise of its information technology systems.
The unique position occupied by the FBI within the US Government and in the public consciousness makes it a high priority target for terrorist groups seeking publicity, for criminal organizations wishing to intimidate or take reprisal, and for lone malcontents with specific grievances. No other federal government agency deals as directly, in what is nearly always an adversarial fashion, with the variety and number of violence-prone groups as does the FBI.
Bomb threats and threats of other violence involving FBI facilities and personnel, while not commonplace, occur with sufficient frequency to generate increasing concern. There are an increasing number of threats directed at individual agents and their families as intimidation or retribution for activities carried out in the performance of their official duties.
Since 9/11, increasing numbers of FBI personnel have been dispatched to areas of recurring terrorist and insurgent activities including Afghanistan, Saudi Arabia, and Iraq. The Security Division established a Risk Analysis Staff, which uses analytical risk management methodology to guide the development of threat analysis and development of appropriate risk mitigation decisions. Additional measures will be implemented to further reduce both the risk and consequences of an attack.
Sources: US Department of Justice, Federal Bureau of Investigation, National Association of Chiefs of Police
© Jim Kouri
Internal security is vital to the Federal Bureau of Investigation's efforts to protect the United States. As the agency responsible for counterintelligence, counterterrorism, cyber, and major criminal investigations, the FBI is a high-priority target for virtually every hostile and many otherwise friendly intelligence services, terrorist organizations, criminal groups, and individuals with grievances against the US Government.
The nature of the threat posed by these various groups and individuals is a function of their intent, and thus varies with the particular agenda of each. Criminal groups, for example, benefit from knowing specifics of ongoing investigations. Timely knowledge of who is under investigation, which communication lines are under surveillance, or who is providing information to the government can effectively cripple an ongoing case.
Because of its high visibility as a well-known element of the US Government, many terrorist groups view the FBI as a desirable target for attack. Because of these threats, the director of the FBI took immediate action to consolidate and centralize management of security programs by placing responsibility and authority for all such programs under its relatively new security division.
The security program will expand over the next five years guided by a philosophy of evolutionary rather than revolutionary change. It is assuming an oversight role in the management of security programs that were previously controlled by the field offices and the FBI Headquarters' divisions. The FBI recognizes that all security threats, vulnerabilities, and risks must be identified, assessed, evaluated, and managed using a systematic and rational process as part of a continuing operational strategy.
Security and counterintelligence professionals generally agree that the most significant threat to an organization's internal security is betrayal by a trusted insider. An individual with legitimate access who chooses to betray the FBI's trust is particularly damaging because compromise of information may continue over an extended period of time and encompass a wide range of programs. Worse, the insider can target his or her activities to compromise the information most relevant to the needs of the adversary. If undetected over a period of time, a person could rise to a leadership position within an organization from which he or she may influence policy.
To enhance countermeasures against these threats, the FBI developed, implemented, and expanded its Financial Disclosure and Personnel Security Polygraph Programs. These measures have already minimized the threat, but additional actions are needed to further protect the FBI and the nation.
The proliferation of information technology in recent years has resulted in dramatic changes in the threat environment. The explosion in electronic data handling has profoundly altered the manner in which most modern organizations, including the FBI, manage information.
While modern technology allows the storage, movement, and retrieval of vast amounts of data to the benefit of investigators and analysts, it also allows, absent highly sophisticated security precautions, the lightning-fast theft of vast amounts of information, or the crippling of response capabilities in a time of crisis.
Experience has shown that the cyber threat is typically a human problem, not a technical problem. Even though it is true that information systems and networks offer attractive targets, it is invariably the human element in those systems that make them exploitable. Information systems and networks have human involvement during the complete system lifecycle. They are vulnerable during construction, shipment, installation, operation, maintenance, and disposal.
Advanced technology solutions alone will not solve the problem. The approach must be multidisciplinary and must cover the complete lifecycle of information systems, data, and human intervention. To meet these threats, the FBI developed and implemented a Certification and Accreditation process that has been incorporated into the organization's information technology investment and development lifecycle, including all legacy systems.
However, additional measures are needed to further protect the FBI from the compromise of its information technology systems.
The unique position occupied by the FBI within the US Government and in the public consciousness makes it a high priority target for terrorist groups seeking publicity, for criminal organizations wishing to intimidate or take reprisal, and for lone malcontents with specific grievances. No other federal government agency deals as directly, in what is nearly always an adversarial fashion, with the variety and number of violence-prone groups as does the FBI.
Bomb threats and threats of other violence involving FBI facilities and personnel, while not commonplace, occur with sufficient frequency to generate increasing concern. There are an increasing number of threats directed at individual agents and their families as intimidation or retribution for activities carried out in the performance of their official duties.
Since 9/11, increasing numbers of FBI personnel have been dispatched to areas of recurring terrorist and insurgent activities including Afghanistan, Saudi Arabia, and Iraq. The Security Division established a Risk Analysis Staff, which uses analytical risk management methodology to guide the development of threat analysis and development of appropriate risk mitigation decisions. Additional measures will be implemented to further reduce both the risk and consequences of an attack.
Sources: US Department of Justice, Federal Bureau of Investigation, National Association of Chiefs of Police
© Jim Kouri
The views expressed by RenewAmerica columnists are their own and do not necessarily reflect the position of RenewAmerica or its affiliates.
(See RenewAmerica's publishing standards.)
