FBI considering plans to dismantle cyber-security unit

[InfoSec News <isn () c4i org>]

http://www.uniontrib.com/news/computing/20020320-1620-fbicybercrime.html

By Ted Bridis
ASSOCIATED PRESS 
March 20, 2002 

WASHINGTON - The FBI is strongly considering a plan to dismantle its
premier cyber-security unit, responsible for protecting the nation's
most important computer networks, and instead focus more narrowly on
arresting online criminals and hackers.

FBI Director Robert Mueller has outlined a plan on Capitol Hill in
recent weeks to break up the $27 million-a-year National
Infrastructure Protection Center, formed in February 1998 to watch
over the nation's systems controlling banking, water, power,
telecommunications and government.

Mueller was expected to make a formal decision as early as next week,
administration and congressional sources said Wednesday.

An FBI spokesman said no plans have been finalized. The topic was
expected to come up during a Senate Judiciary Committee oversight
hearing Thursday.

The proposal to dismantle the unit, whose reputation has improved
markedly in the past year after a string of early embarrassments,
already is raising concerns among some lawmakers, Bush administration
officials and industry experts. They worry that a narrow focus by the
FBI on criminal investigations into computer attacks might discourage
corporations from disclosing details of threats and attacks on their
private networks.

The move "would destroy the fragile trust between NIPC and the private
sector, which controls 90 percent of the nation's critical
infrastructure," Sen. Charles E. Grassley, R-Iowa, wrote this week in
a letter to the FBI director. "The broken trust would, in turn,
curtail, if not end, the flow of information from the private sector
to the FBI, leaving the bureau essentially blind about threats to
critical infrastructure."

Grassley, a Judiciary Committee member and one of the FBI's toughest
congressional critics, indicated that Mueller outlined the proposal in
a meeting last month. Other congressional and administration sources,
speaking on condition of anonymity, said they also have discussed the
proposal in recent weeks with Mueller. Some who discussed the idea
with the director said they believed he was leaning toward breaking up
the unit; others said they thought he was only considering the idea.

Grassley cautioned Mueller: "You do not fully realize the consequences
of your proposal."

The plan Mueller has described would move most of the unit's functions
into a newly formed cyber-crime division under the FBI's new executive
assistant director for criminal investigations, Bruce J. Gebhardt,
whose background is mostly in organized crime and drug cases.

Other parts of the unit would be moved into existing FBI divisions
focused on counterterrorism and counterintelligence.

"It doesn't sound like a particularly good idea," said Harris Miller,
head of the Washington-based Information Technology Association of
America, a trade group. "If it's put into the criminal division, it
becomes an enforcement function, not an information exchange."

The ITAA runs an early-warning center about online threats for the
nation's technology companies. Other such centers exist in the
electric, telecommunications and financial industries.

Grassley warned Mueller that some companies participating in such
privately organized warning centers have indicated they would stop
sharing details with the FBI about online threats if the unit were
dismantled.

Under the plan, it was unclear how or whether the FBI would continue
to exchange warnings with U.S. corporations about online threats.  
Already, that branch of the FBI unit is physically moving out of the
bureau's headquarters to share a building near the White House with
part of the Office of Homeland Security and a little-known
cyber-protection unit within the Commerce Department.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.