Task Force Takes ‘Whole Government’ Approach
The National Cyber Investigative Joint Task Force is composed of nearly two dozen federal intelligence, military, and law enforcement agencies, along with local law enforcement and international and private industry partners.
Hackers compromising banking and retail networks to steal consumers’ personal information. Foreign actors virtually accessing our trade secrets. Criminal groups lining their pockets by exploiting any online vulnerability they can find.
In today’s virtual world, it is well known that cyber crime can jeopardize our privacy, our economy, and even our national security. Less well known is an organization—the National Cyber Investigative Joint Task Force (NCIJTF)—that is working around the clock to fight the threat.
“The challenge we face as a nation is formidable, because the bad actors never stop trying to infiltrate our systems,” said Greg McAleer, an assistant special agent in charge at the U.S. Secret Service who was recently named one of the NCIJTF’s deputy directors. “The NCIJTF uses a whole government approach—employing every tool in our arsenal to address the threat and protect our infrastructure, financial systems, and intellectual property.”
Working largely out of public view, the nearly two dozen federal intelligence, military, and law enforcement agencies that comprise the NCIJTF—along with local law enforcement agencies and international and private industry partners—serve as the government’s central hub for coordinating, integrating, and sharing information related to cyber threat investigations.
Established in 2008 by a presidential directive and administered by the FBI, the NCIJTF is also tasked with identifying cyber hackers and understanding their motivations and capabilities. That knowledge is used to disrupt criminal operations, minimize the consequences of intrusions, and ultimately bring perpetrators to justice.
This unified, government-wide approach leverages intelligence gathering and sharing among task force partners to gain a strategic view of what our enemies are trying to do within our infrastructure and why.
“Individual local and federal organizations rightfully focus on immediate threats in their areas of responsibility, but the NCIJTF is looking at the overall cyber landscape,” said FBI Special Agent Paul Holdeman, an NCIJTF chief. “We are looking at the broad strategic shifts in the enemy’s tactics and movements. What are these bad actors doing, and what threats do they pose?”
The ability to share intelligence across government agencies integrates the response to intrusions and investigations. “That is the key to the NCIJTF’s success, the exchange of information,” Holdeman said. “Bringing everyone together under one roof has been a huge benefit.”
Gustavo Rodriguez, a lieutenant with the New York Police Department (NYPD), recently completed a six-month assignment on the task force as part of the FBI’s Law Enforcement Fellows program, in which members of local law enforcement are trained so they can in turn train their colleagues when they return to their organizations.
“The NYPD has a robust cyber program,” Rodriguez said, “but the department thought it would be wise to see how the NCIJTF collectively addresses the cyber threat. The Fellows program allowed me to see the threat in real time domestically and internationally.” He added, “This experience has opened my eyes to how serious the threat is and how much damage bad actors could cause if left unchecked.”
The cyber criminals and nation states probing our systems are relentless, McAleer said. “But the American public should know that the NCIJTF will leverage technology, intelligence, tactics, and partnerships to disrupt attacks before they materialize.”