FBI's new Cyber Division quietly ramps up

To the surprise of many people in government and in the technology industry, the FBI has been quietly forming its new Cyber Division.

The first formal announcement of the division indirectly was made Tuesday, when FBI Director Robert Mueller announced the appointment of Larry Mefford as assistant director of the division. Mefford is associate special agent in charge of the San Francisco FBI field office.

The goal of the Cyber Division is to coordinate the various online disciplines within the FBI and to investigate federal violations where there are exploitations of computer systems, the Internet or networks. The move is part of the FBI's recent overhaul efforts.

An FBI spokeswoman described the new division as "a work in progress," and many members of the high-technology industry said they were unaware that the division was solidifying.

A Justice Department spokeswoman said that DOJ's Computer Crimes and Intellectual Property section has talked with Mefford in the past, but that it is unclear on how the divisions will interact. "They anticipate sitting down and working together," she said.

Some tech sources said they had been in discussions with Justice and FBI officials on the idea of an FBI cyber division, particularly after Sept. 11, although were not aware the new division was actually forming.

Mueller and Attorney General John Ashcroft "have been pretty pro-active ... in getting out there and reaching out to the community at a higher level," said Shannon Kellogg, vice president of information security practices at the Information Technology Association of America. Kellogg said it was thought that the FBI's National Infrastructure Protection Center (NIPC) would evolve, or merge with another FBI division.

"I think what this is trying to do is pull together a number of initiatives and supervise these initiatives," Kellogg said.

An NIPC source said NIPC is waiting for more details on its role after the FBI restructuring. The source said a formal announcement is likely to be made within 30 days. Another industry source said the real story is how NIPC, the Cyber Division and Richard Clarke, President Bush's cyber-security adviser, will inter-relate.

But there could be problems if NIPC is rolled into the Cyber Division. The NIPC source said industry already is hesitant to share information about vulnerabilities with government, and splitting NIPC may be a further deterrent in that area.

An FBI study released Sunday that was conducted by the Computer Security Institute and the FBI's San Francisco computer-crime squad found that most large corporations and government agencies have been attacked by computer hackers, and they often do not tell authorities of the breaches for fear of bad publicity.

Sen. Charles Grassley, R-Iowa, last month wrote to Mueller discouraging the dismantling of NIPC, a move Mueller had discussed with Grassley during a February meeting. At that time, Mueller was considering placing part of NIPC in the FBI's criminal division and another in its counterterrorism/counterintelligence division.

Mueller mentioned a forthcoming "Cyber-Crime Division" while testifying before the House Appropriations Subcommittee for Commerce, Justice and State in early March. But he also said the FBI needs more funds for the NIPC.

"This change will bring together various cyber initiatives and programs under one umbrella ... to protect our nation's growing digital marketplace and electronic infrastructure," Mueller said.