The analysis of information, from open sources (e.g., information that appears in the news media or on the Internet) to the most sensitive information collected or gleaned from human and technical sources. Since 9/11, there has been an explosion of the amount of information obtained via technical means, particularly imagery and communications intercepts, necessitating new analytic methods of sorting and exploiting incoming information, as well as data mining to discover patterns of information and intelligence contained within huge quantities of data. Document exploitation (DOCEX) and forensic methods are also growing areas of intelligence analysis for captured materials and site exploitation.
Congress will pay the FBI an additional $18.6 million to better investigate computer hacking cases, following a federal study that found a third of bureau agents probing breaches significant to national security lacked the necessary networking and counterintelligence skills.A spending package passed Nov. 17 to fund many federal agencies through September 2012 includes President Obama's full request for $166.5 million to tackle computer crimes, an 11.2 percent increase over last year's appropriations. The bureau must use the money to hire an additional 42 computer security professionals, including 14 special agents, according to a report accompanying the legislation.
An ongoing investigation into the possible hack of a U.S. water plant should trigger a methodical analysis of the security of the nation's industrial systems to avoid jumping to the wrong conclusions, former federal cybersecurity officials say.The Homeland Security Department's cyber response team and the FBI are gathering facts about a report of a water pump failure in Springfield, Ill., according to DHS officials. Their actions follow a state fusion center alert, first reported by noted security specialist Joe Weiss and later publicized by media outlets, that apparently suggests intruders may have lingered in the system for weeks. Some security experts familiar with the report are attributing the malfunction to a targeted attack originating from a Russian network access point, or IP address. If the report bears truth, then this incident represents the first known intentional intrusion into a U.S. industrial control system.But some experts caution that many organizations don't have the computer forensics expertise to pinpoint the cause of suspicious network events, let alone the identities of perpetrators.