- Home
- Agencies
- Department of Agriculture
- Department of Housing and Urban Development
- General Services Administration
- Department of Commerce
- Department of the Interior
- National Aeronautics and Space Administration
- Department of Defense
- Department of Justice
- National Science Foundation
- Department of Education
- Department of Labor
- Office of Personnel Management
- Department of Energy
- Department of State
- Small Business Administration
- Environmental Protection Agency
- Department of Transportation
- Social Security Administration
- Department of Health and Human Services
- Department of the Treasury
- U.S. Agency for International Development
- Department of Homeland Security
- Department of Veterans Affairs
- Goals
- Initiatives
- Programs
Primary tabs
Key to Changes
This text is Revised text
This word has been added to the text
This text is Last Published text
This word has been removed from the text
Modifed styling with no visual changes
Strategic Objective
Combat cyber-based threats and attacks
Strategic Objective
Overview
A range of cyber activities can diminish our security and siphon off valuable economic assets. A growing number of sophisticated state and non-state actors have both the desire and the capability to steal sensitive data, trade secrets, and intellectual property for military and competitive advantage. The other major national security threat in cyberspace is cyber-enabled terrorism. The Department believes that it is a question of when, not if, there will be attempts to do so.
The cyber threat demands ready and fluid means of sharing information and coordinating actions. To successfully investigate and disrupt cyber threats, the Department must be creative and forward-looking in its approach, considering what kinds of tools, investigations, and outreach can be launched now to lay the groundwork for future cyber efforts. As an example, the Department has partnered with nations worldwide in the INTERPOL Global Complex for Innovation, which will enhance its operational and investigative cyber capabilities through international cooperation and innovative technical solutions and systems. Collaboration with the private sector is also crucial to prevent breaches and protect confidential and proprietary information.
Read Less...Progress Update
Strategic Objective Review Summary of Findings: On track and making satisfactory progress
A key component of DOJ’s strategy for combating cyber-based threats and intrusions is to prevent such threats from developing into incidents or criminal cases. Cyber-based threats are prevented by establishing successful relationships with other law enforcement agencies and members of the intelligence community; outreach to and information sharing with victims; the collection of intelligence about such threats; of business transactions and license applications for national security concerns; and providing guidance to other Executive Branch departments and agencies on complex and novel legal and policy questions. Once an intrusion occurs, the Department’s investigators and prosecutors conduct investigations with the objective of arresting and prosecuting those responsible or otherwise disrupting and deterring that activity.
DOJ uses a combination of civil, criminal, and administrative authorities (e.g., civil injunctions and seizure and forfeiture) to prevent and disrupt cyber threats such as computer intrusions. Although narrowly missing its 2015 target, the FBI achieved 479 computer intrusion program disruptions and dismantlements in FY 2015, and attained 2,492 during 2014. The Department also consistently surpasses its target of resolving 90 percent of its cyber cases favorably; achieving 100 percent in FY 2015. Notable case successes include the largest law enforcement cyber action in U.S. history – the takedown of Blackshades; a particularly insidious computer malware, sold and distributed to thousands of people in more than 100 countries. Alex Yücel, the co-creator of Blackshades, pled guilty to one count of distribution of malicious software in February 2015. Another successful case for DOJ was U.S. v. Christopher Glenn. A former cleared military contractor, Glenn pled guilty in January 2015 to a computer intrusion to obtain national defense information, and later was sentenced to 120 months in prison. Another success was the takedown of GameOverZeus (GOZ). GOZ infected between 500K – 1M computers worldwide and caused more than $100 million in financial losses to businesses and consumers in the United States.
The FBI’s Next Generation Cyber initiative further enhanced the Department’s leading role in investigating and countering domestic threats to the nation’s cyber security, developing and using Cyber Task Forces (CTFs) in all 56 FBI field offices. CTFs focus exclusively on cyber security to counter threats posed by terrorists, nation-state actors, and criminal cyber actors. To support prioritization and action with regard to cyber-security threats, in FY 2015, NSD also reorganized to create a new Deputy Assistant Attorney General to oversee national asset protection, foreign investment review, and cross-divisional cyber efforts.
Challenges related to this objective include increased use of encryption in communications; personnel recruitment and retention; potential statute reforms imposing additional resource demands; keeping pace with more sophisticated cyber threat actors and tools; and privacy constraints. To mitigate these risks, the Department will continue to recruit, hire and train qualified cyber-skilled professionals, as well as deliver continuing education for cyber investigators and prosecutors. Through the National Security Cyber Specialist and Computer Hacking and Intellectual Property coordinator networks, NSD will train additional Assistant U.S. Attorneys in criminal and national security related to cyber investigations. The Department will also continue to invest in information technology that addresses cyber vulnerabilities, and continue to deploy the innovative use of civil, criminal, and foreign intelligence authorities to counter the advanced and ever-evolving tactics, techniques, and procedures of criminal and national security cyber actors.