The FBI, or Federal Bureau of Investigation, is the domestic intelligence and security service of the United States and its principal federal law enforcement agency. With over 35,000 special agents and thousands more support staff, the FBI has a wide range of responsibilities related to criminal and national security matters. One of the key areas the FBI is involved in is investigating and preventing cybercrime and online threats. But exactly what role does the FBI play when it comes to dealing with threats on the Internet?
What is the FBI’s jurisdiction over cybercrime and online threats?
The FBI has broad authority to investigate any violation of federal law or threat to national security that involves computers or networks. This includes:
- Cyberattacks against critical infrastructure or computer systems
- Online fraud, identity theft, and financial crime
- Child exploitation and cyber predators
- Intellectual property theft and industrial espionage
- Terrorist use of the Internet
- Other threats to public safety or national security online
In short, if a crime or threat involves the Internet and violates federal law, the FBI can get involved in the investigation. The FBI prioritizes cyber threats from nation-state actors and global criminal networks, but also assists in cases that impact local communities.
What threats does the FBI’s Cyber Division focus on?
The FBI’s Cyber Division, established in 2002, leads the agency’s efforts to counter cyber-based threats and attacks. The Cyber Division focuses on the following key threats:
Cyberterrorism
The FBI investigates cyberattacks intended to intimidate or coerce a government or civilian population in furtherance of political or social objectives, also known as cyberterrorism. This includes attacks targeting critical infrastructure sectors like energy, transportation, or finance.
Foreign Intelligence Operations
The FBI counters the activities of foreign intelligence services conducting economic espionage, intellectual property theft, or technical surveillance through cyber means. China, Russia, Iran, and North Korea remain the top state-sponsored cyber threats.
Criminal Underground Economy
Transnational cyber criminal groups target victims globally for illicit profit through schemes like business email compromise (BEC) fraud, ransomware, and theft of payment card or personal identity information. The FBI works to dismantle these criminal networks.
Child Exploitation and Obscenity
The FBI investigates the production and distribution of materials depicting the sexual exploitation of minors as well as obscene materials. Offenders use various online platforms and encryption to carry out these crimes anonymously.
What legal authority does the FBI have in cyber cases?
The FBI has broad legal authority derived from legislation, presidential directives, and the Attorney General Guidelines that allow the agency to investigate federal crimes and threats to national security, including those transpiring online or involving computers, networks, or electronic communications and data storage.
Key laws and authorities related to cybercrime investigations include:
- The Computer Fraud and Abuse Act
- The National Information Infrastructure Protection Act
- USA PATRIOT Act
- Homeland Security Act
- Communications Assistance for Law Enforcement Act (CALEA)
- Executive Order 12333 on intelligence activities
In addition, the FBI can gather domestic intelligence under guidelines issued by the Attorney General. This allows the FBI to proactively assess cyber threats and vulnerabilities facing the U.S.
How does the FBI investigate cyber threats?
The FBI uses sophisticated technical capabilities and a nationwide footprint of cyber investigators and digital forensic examiners to identify threat actors and obtain evidence for prosecution. Key investigative techniques include:
- Real-time network monitoring
- Undercover operations
- Court-authorized electronic surveillance
- Court-ordered access to encrypted data or devices
- Interviews of suspects and witnesses
- Service of subpoenas and search warrants
- Malware reverse engineering
- Log file and network traffic analysis
- Mobile device forensic analysis
The FBI collaborates closely with private sector companies to report and respond to cyber intrusions and attacks. Victim notifications and developing attribution are critical aspects of cyber investigations.
How does the FBI work with other agencies on cyber threats?
The FBI works side-by-side with other government agencies that have cybersecurity roles and responsibilities:
Department of Homeland Security (DHS)
DHS shares cyber threat information, manages vulnerabilities, and coordinates incident response for non-national security government networks and critical infrastructure sectors.
U.S. Secret Service (USSS)
The USSS investigates cybercrime related to financial systems and conducts electronic crimes task forces.
Central Intelligence Agency (CIA)
The CIA gathers foreign cyber threat intelligence and undertakes covert action abroad authorized by the president.
National Security Agency (NSA)
The NSA gathers foreign signals intelligence and protects national security systems. The FBI and NSA collaborate closely as part of the Intelligence Community.
Cyber Command
Cyber Command defends Department of Defense networks and can support civilian government network defense during significant cyber incidents.
International Partners
The FBI has over 60 legal attache offices worldwide facilitating joint investigations with foreign law enforcement partners impacted by transnational cyber threats.
How can individuals and companies report cyber threats or crimes to the FBI?
If you believe you are the victim of an Internet scam, cyberattack, online predator, or other cyber-based crime, you can file a complaint with the FBI’s Internet Crime Complaint Center at www.ic3.gov. This allows the FBI to analyze complaints for leads and patterns of threats targeting the public.
For significant cyber intrusions or attacks against your organization, contact your local FBI field office or request FBI assistance through your legal counsel. The FBI encourages quick notification and early coordination to enable law enforcement assistance and investigative action against cyber threats.
Conclusion
The FBI serves a critical role in investigating and countering cyber threats from criminals, terrorists, hostile nations, and intelligence services. With authorities covering the full range of federal crimes and national security matters, the FBI is able to pursue cyber threat actors worldwide and bring them to justice. Coordination between the FBI and private sector victims is crucial for identifying the scope, attribution, and impacts of cyber incidents. While cyber threats continue growing in scale and sophistication, the capabilities and partnerships of the FBI provide a key line of defense for American companies and the public.