WASHINGTON – Cyberwar is the new battleground. While generally non-lethal, it can be more damaging than many physical conflicts simply because the attacks can go unnoticed until it's too late. That's why the FBI is busy retooling to meet this security challenge at home.
When the FBI formed in 1908 there were no cyber-crimes because there was no cyber. Only over the last decade has the bureau taken the potential of cyber-attacks seriously, and now it's a game of catch-up.
"Today it's really about weaponizing very particular software with the goal of trying to extort money from you or take you out of business," said Don Murdoch, a cyber expert with the Institute for Cyber Security at Regent University. "Just completely eliminate you."
Teaching Next Generation of Cyber-Defenders
Through real-life simulations on the university's cyber range, Murdoch trains people from military installations, Fortune 500 companies, and government agencies to become cyber defenders: those who can spot a cyber-attack and stop it.
"Once you understand how the computer systems work, and how the networks work, then you can understand how to co-opt it or misuse it," Murdoch said. "Once you understand how to detect the difference, then you can learn what the attackers are doing and then you can learn how to defend it and harden it and make it stronger."
But that process takes time, and right now the sheer number of cyber-attacks is outpacing the FBI's ability to investigate them.
The US "Five to Ten Years Behind" in Cyber Warfare
"We're probably five to ten years behind in kind of stepping up to this challenge," said former FBI agent Arnold Bell. He spent 25 years at the FBI, half of that time in the cyber-crimes division. He says when he joined the division, cyber-crime was about seventh or eighth on the priority list. Now it's third, behind terrorism and counterintelligence.
"9/11 happened and the shift changed to terrorism as it should and obviously there's a huge focus there," Bell said. "But what's happened with all the different breaches that you read about what seems like every week is it's raised the profile of this crime type."
A delayed response, however, means working overtime to update technology, recruit talent, and train agents to investigate cyber-attacks.
"And the challenge with the bureau is they're competing with the private sector and all the federal agencies and the government payscale doesn't compete well with the private sector," Bell said.
Training at Regent University's State-of-the-Art Cyber Range
"They need highly specialized talent that does not grow on trees," Murdoch said.
But it is developed at places like Regent's cyber range.
"When people come to train to be a cyber defender they're actually using real systems, generating real data, real network traffic," Murdoch said. "It's not simulated, it's not some two-station lab. It's 15 to 20 network segments and 80 operating systems working together that looks like a small to medium-sized business."
Murdoch trains defenders to look for system compromises and to trace them back to the source. A necessary skill for anyone investigating a breach.
For the FBI it's a growing problem with more than 300 identified cyber terror groups worldwide, many backed by foreign governments.
"Trying to get action and trying to get intelligence and trying to get information out of some of these countries where we don't have really strong connections is a big challenge," Bell said.
A big challenge especially for an agency that wasn't even established for this.
"The law enforcement is kind of thinking people commit crimes," Murdoch said. "Well today your crimes could be 25 to 50 thousand computers that may or may not be owned by an individual so leveraging all of those computers on behalf of one attacker, that's a much bigger problem."
What Can You Do? Be More Skeptical
Murdoch says while much of the what he teaches is sophisticated, some is just good old fashioned common sense security. He says "spearfishing" is the most common form of attack and it happens through email. He says if people would simply be more skeptical of the links they click, that alone would drastically reduce the number of attacks.