FBI Cyber Division

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

Cyber Division
FBI Cyber Division.png
Emblem of the Cyber Division
Active2002 – present
(20 years)
CountryUnited States
AgencyFederal Bureau of Investigation
Part ofCriminal, Cyber, Response, and Services Branch
HeadquartersJ. Edgar Hoover Building
Washington, D.C.
Assistant Director Bryan A. Vorndran[2]

The Cyber Division (CyD) is a Federal Bureau of Investigation division which heads the national effort to investigate and prosecute internet crimes, including "cyber based terrorism, espionage, computer intrusions, and major cyber fraud." This division of the FBI uses the information it gathers during investigation to inform the public of current trends in cyber crime. It focuses around three main priorities: computer intrusion, identity theft, and cyber fraud. It was created in 2002.[3]

[4] In response to billions of dollars lost in cyber-crimes, that have had devastating impact on the United States' economic and national security, the FBI created a main "Cyber Division at FBI Headquarters to "address cyber crime in a coordinated and cohesive manner." Branching out from there, specially trained cyber squads have been placed in 56 field offices across the United States, staffed with "agents and analysts who protect against computer intrusions, theft of intellectual property and personal information, child pornography and exploitation, and online fraud." Due to internet threats around the world, the FBI has developed "cyber action teams" that travel globally to help in "computer intrusion cases" and gather information that helps to identify cyber crimes that are most dangerous to our national security.

[4] Keeping the focus not only on national security but also on threats to citizens of the United States, the FBI has long been focused on identity theft, which is a growing concern for American citizens. Since fiscal year 2008 through the middle of fiscal year 2013, the number of identity theft related crimes investigated by the Bureau across all programs have resulted in more than 1,600 convictions, $78.6 million in restitutions, $4.6 billion in recoveries, and $6.8 billion in fines.

High priority is given to investigations that involve terrorist organizations or intelligence operations sponsored by foreign governments, which FBI calls "national security cyber intrusions".[4] The Cyber Division has primary responsibility for the FBI's efforts to counter national security–related cyber intrusions.[5] The Cyber Division priorities in rank order are:

(a) cyber intrusions;
(b) child sexual exploitation;
(c) intellectual property rights; and
(d) internet fraud.[4]

FBI Cyber Division works through the National Cyber Investigative Joint Task Force (NCIJTF) and cyber investigative squads located in each FBI field office.[4] Since 2008, NCIJTF is the primary American agency responsible for coordinating cyber threats investigations, and liaisons with Central Intelligence Agency (CIA), Department of Defense (DOD), Department of Homeland Security (DHS), and National Security Agency (NSA).[6]

A large number of cases investigated by the Cyber Division come from the Internet Fraud Complaint Center (IFCC), which in 2002 received about 75,000 complaints.[6][needs update]

Some cases that the Cyber Division has investigated included: dismantling a ring of criminals using malware to redirect users to rogue DNS servers (Operation Ghost Click);[7] taking down a botnet based on Coreflood trojan used for fraud;[8] taking down a group responsible for robbing over 2,000 ATM machines at once;[9] taking down a group of about 100 involved in phishing (Operation Phish Phry);[10] and taking down of the DarkMarket cyber crime forum used by criminals.[11]


  • Cyber Operations Branch
    • Cyber Operations Section I
    • Cyber Operations Section II
    • Cyber Operations Section III
    • Cyber Operations Section IV
    • Cyber Operations Section V
  • Cyber Readiness, Outreach, and Intelligence Branch
    • Cyber Readiness Section
    • Cyber Outreach Section
    • Cyber Intelligence Section

See also[edit]


  1. ^ Garrity, Robert J. (February 13, 2004). "FBI's Role in the Process of Preventing the Entry of Terrorists into the U.S." FBI. Retrieved August 16, 2022.
  2. ^ "Bryan A. Vorndran". Federal Bureau of Investigation. Retrieved August 16, 2022.
  3. ^ "FBI's Ability to Address the National Security Cyber Intrusion Threat" (PDF). justice.gov. p. 2.
  4. ^ a b c d e Cyber Crime, p. 2 ([1])
  5. ^ FBI's Ability to Address the National Security Cyber Intrusion Threat, p. ii (PDF)
  6. ^ a b Michael Kraft; Edward Marks (February 2, 2012). U. S. Government Counterterrorism: A Guide to Who Does What. CRC Press. pp. 173–174. ISBN 978-1-4665-1629-8. Retrieved December 28, 2012.
  7. ^ "FBI — International Cyber Ring That Infected Millions of Computers Dismantled". Federal Bureau of Investigation. Archived from the original on June 30, 2012. Retrieved December 28, 2012.
  8. ^ "FBI — Botnet Operation Disabled". Federal Bureau of Investigation. Archived from the original on January 16, 2013. Retrieved December 28, 2012.
  9. ^ "FBI — 2,100 ATMs Hit at Once". Federal Bureau of Investigation. November 8, 2008. Retrieved December 28, 2012.
  10. ^ "FBI — Operation 'Phish Phry'". Federal Bureau of Investigation. September 29, 2011. Retrieved December 28, 2012.
  11. ^ "FBI — Dark Market Takedown". Federal Bureau of Investigation. Retrieved December 28, 2012.

External links[edit]