The U.S. Department of Justice (DoJ) announced the creation of a cybersecurity fellowship program that will train prosecutors and attorneys to handle emerging national cybersecurity threats.
Fellows in the three-year Cyber Fellowship program will investigate and prosecute state-sponsored cybersecurity threats, transnational criminal groups, infrastructure and ransomware attacks and the use of cryptocurrency and money laundering to finance and profit from cybercrimes.
Cyber Fellowship Program
The program will train selected attorneys to deal with emerging cybercriminal threats and the ability to secure a top-secret security clearance is a prerequisite. All participants will be based in the Washington, D.C. area.
As part of the fellowship, participants will rotate through the multiple departments charged with protecting the country from cybersecurity threats, including the Criminal Division, the National Security Division and the U.S. Attorneys’ Offices.
The program is coordinated through the Criminal Division’s Computer Crime and Intellectual Property Section and the creation of the Fellowship is the result of a recommendation from the department’s ongoing comprehensive cybersecurity review, which was ordered by Deputy Attorney General Lisa Monaco in May 2021.
Enhancing Efforts Against Cybersecurity Threats
The review is aimed at developing actionable recommendations to enhance and expand the Justice Department’s efforts against cybersecurity threats.
Bill O’Neill, vice president of public sector at ThycoticCentrify, a Washington D.C.-based provider of cloud identity security solutions, noted there are many attorneys already focused on cybersecurity and IT for private industries, and the DoJ should be no different.
“The DoJ needs to assign specialized cybersecurity attorneys and prosecutors to protect the government,” he said. “The challenge in developing a new generation of prosecutors and attorneys will be offering competitive salaries, benefits and a steady career growth trajectory to attract talent and expertise to the government sector.”
O’Neill pointed to recent critical infrastructure attacks like the Colonial Pipeline ransomware attack and the Oldsmar, Florida water treatment plant attack, which he said have directly impacted private industries including financial, energy and health care.
“Ultimately, these private sector industries have lessons learned and best practices to share with the government,” he said. “Likewise, the government has knowledge stemming from CISA and Cyber Command on how to implement cybersecurity strategy and national defenses.”
He said if the DoJ were to leverage the high standards of government around NIST, FedRAMP, impact levels and the Department of Defense, it would lend credence to the severity of cybersecurity threats that are threatening both our government and private sector.
“The federal government does not have enough cyber-trained resources, like CISOs, for government and private industries,” O’Neill said. “We have seen university and government training levels increase, but we are still a far cry from implementing what is required to protect our nation in the commercial and private sectors.”
Kevin Dunne, president at Pathlock, a provider of unified access orchestration, noted that cybercrime is on the rise, with ransomware attacks up over 100% in just 12 months.
“Much of the growth is due to the fact that these attacks, historically, have been largely unprosecuted,” he said. “Bad actors can make off with large sums of money, while the risks of being caught are slim to none. Ensuring that there is a semblance of real risk to these attacks is essential in deterring them from happening in the first place.”
He pointed to two key areas where the private sector and government need to collaborate to ensure success when it comes to fighting cybercrime: Prevention and response.
“The first is prevention, and ensuring that companies prevent attacks from happening,” Dunne said. “Collaboration needs to occur with platforms that could enable attacks, such as cloud hosting providers, network companies and cryptocurrency exchanges, and so on.”
He explained that collecting certain required information when accounts are initiated on those platforms will help to provide the forensic information needed to track down stolen data and funds when attacks inevitably occur.
“The second element is response, which means working with both the victims and the platforms enabling attacks to collect information to facilitate the identification and prosecution of the bad actors responsible for the cybercrimes committed,” Dunne said.
Ideally, additional emphasis would be placed on the area of forensics to help with tracking down the actors responsible for these attacks.
“Typically, this requires a unique skillset which can be difficult to recruit, so the use of bounties or collaboration with other government agencies might be required,” he said. “Additionally, it would be encouraging to see more collaboration internationally, as many of the cybercrimes are committed by bad actors in other countries besides the U.S.”
In fact, the world’s major democratic governments are taking steps to coordinate and bolster cybersecurity defenses, with the European Union and the United States launching a joint initiative to combat ransomware.
The stated goals of that partnership, which were announced in June, highlight law enforcement action and raising public awareness on how to protect networks.