The agents gathered early in the FBI’s Special Operations Center in New York City on a chilly spring day in May of 2014. More than a dozen of them crowded around monitors and keyboards, the tension palpable as they pulled up both private websites and secure interagency communications links, connecting them to countries around the globe and to more than 40 domestic FBI Field Offices.
From those offices and other law enforcement centers in countries like Germany, Canada, Denmark, and the U.K., other agents and officers fanned out. Their objective: arrest almost 100 computer hackers responsible for distributing and running a trojan horse program nicknamed “Blackshades.”
For more than two years, the hackers had been infecting people with Blackshades and using it to seize control of their computers. Every file was accessible, complete browsing history, and even microphones and cameras could be turned on to monitor users without their knowledge. The software had been used to blackmail targets that ranged from Miss Teen USA to Swiss banks.
As the day progressed, the monitors flickered with updates. The main site where Blackshades was available for sale suddenly displayed a large Department of Justice logo and text saying “This Domain Has Been Seized.” The FBI had taken it down.
Other monitors reported progress across the country and overseas; 300 search warrants executed, 90 hackers taken into custody in 17 different countries.
Finally, another monitor showed more than 700,000 active Blackshades infections plotted on a map, identifying users who still had to be notified that they had been owned, but now were safe.
It was all in a day’s work for the FBI’s Cyber Crimes Division.
With crimes like these on the rise, the Division is on a hiring spree– and only the most qualified applicants from the best universities are likely to make it.
An Old Job On a New Beat
The FBI has been investigating computer crimes since at least the 1980s but the first task forces specifically assembled to combat cybercrime weren’t organized until 1991. The incidences of cybercrime grew as fast as the Internet, however, prompting the Bureau to form its Cyber Crimes Division in 2002 to centralize its cybersecurity resources.
The Division primarily works out of the Bureau’s Washington D.C. headquarters but has deployed agents to 56 field offices on a permanent basis and sends detachments around the world as necessary to work on developing cases.
The Division works with authorities in every country as it pursues cybercriminals based overseas.
A Mix of Old and New Crimes in the Brave New World
Initially, the Bureau found itself involved in cybersecurity investigations primarily as an outgrowth of conventional crimes that had simply moved online– bank fraud, child pornography, copyright infringement. Although the territory was new, the crimes were as old as sin and the criminals and motives were familiar to the agents investigating them.
But computers and the Internet also brought entirely new types of crime, some of which weren’t even on the books yet:
- Denial of service
- Online harassment
They also brought new scope to investigations. In the pre-Internet era most crimes were local, but with a reliable global network to use, cybercriminals could attack from anywhere. With responsibility for investigating crimes that involve U.S. citizens overseas and crimes crossing state borders, the FBI workload soared. Only one of the current Cyber Ten Most Wanted is an American. Two of them remain anonymous, existing only as theoretical groups at the other end of an IP address.
Counterterrorism in Cyberspace
Another major shift in the Bureau came in the wake of September 11, 2001. Suddenly, counter-terrorism became the highest priority, and FBI cybersecurity experts found themselves shifting from investigating white-collar crimes to tracking terrorist communications across the Internet.
The Bureau has found itself in an awkward position with counter-terrorism investigations, notably its efforts to pressure Apple into unlocking an iPhone recovered from one of the terrorists involved in the December 2015 terror attack in San Bernardino. Cybersecurity experts have to carefully weigh civil liberties against public safety in a strange new world where it isn’t always clear where lines should be drawn.
In the San Bernardino case, the Cyber Division sliced the Gordian knot by bringing in outside consultants to crack the phone, displaying keen problem-solving skills and the ability to adapt to get the job done.
The Cyber Division hasn’t let up on traditional crime, either, penetrating and bringing down online markets for stolen credit card and financial information and tracking down and arresting hackers responsible for creating and distributing major malware strains.
Becoming a Special Agent with the Cyber Crime Division of the FBI
A career in the Cyber Crime Division can be rewarding and full of excitement, but it may not be easy to get. Although the Feds are planning to add 1000 new agents and 1000 new analysts to Cyber Crime in 2016 alone, their standards remain stringent. Candidates are required to:
- Have a bachelor’s degree in Computer Science or a bachelor’s and at least 30 hours study in computer science, statistics, and mathematics (including 15 hours in integral and differential calculus)
- Be no younger than 23 and no older than 37
- Pass a rigorous background check
- Pass a basic fitness test
- Preferably hands-on experience in programming, networking, cryptography, or computer security
Candidates matriculating from institutions that have been designated as one of the Centers of Academic Excellence often have an extra edge during the hiring process:
- Center of Academic Excellence in Cyber Defense Education (CAE-CDE) for schools offering four-year and graduate degrees
- Center of Academic Excellence in Cyber Defense Two-Year Education (CAE-2Y) for community colleges offering two-year degrees
- Center of Academic Excellence in Cyber Defense Research (CAE-R) for research institutes
The Department of Homeland Security and the National Security Agency jointly proffer the CAE designations. These designations attest to the quality of the programs available at those institutions and how well the curriculum they offer align with the kind of cybersecurity work federal law enforcement agencies handle.
Agents for the Cyber Crimes Division go through the same 21 weeks of training as other Special Agents with the Bureau at its notoriously tough academy in Quantico, Virginia.
After training, graduates will be as comfortable handling a sidearm as they are with a keyboard and will have received an unparalleled course of instruction in the law and criminal behavior from some of the best instructors in the world.