Just how do cyber agencies track hack attacks?

Some secrets are worth keeping, and one of them is how to identify a cyberattack, congressional testimony revealed on Tuesday. Members of the Senate Subcommittee on Terrorism and Homeland Security wanted to find out at a hearing how government agencies work to identify who is behind a specific cyberattack, reports nextgov.com.

It's not an easy job, and one that federal officials want to keep under wraps.

"When you're in a situation where you don't know if it's a hacker, foreign government, terrorist or criminal group, how do you proceed?" Sen. Ted Kaufman (D-Del.) asked witnesses from the Justice and Homeland Security departments and the FBI. James Baker, associate deputy attorney general at Justice, responded by saying that he turns to two places: the Justice Department's criminal division for investigating and prosecuting cyber criminals, and the National Security Division, which investigates, prosecutes and attempts to stop cyber activities posing a national security threat.

Steven Chabinsky, deputy assistant director of the FBI's cyber division, said the FBI employs more than 2,000 special agents who have special cyber training, and more than 1,000 advanced cyber-trained agents, intelligence analysts and digital forensic examiners. It also relies on the National Cyber Investigative Joint Task Force.

That, however, was as far as the Senate subcommittee got. Chabinsky and Baker did not discuss how their agencies trace cyberattacks back to the source. We're sure it includes plenty of cyber "gumshoes" and cutting edge analysis of clues in cyberspace. And we're positive these investigative organizations have a long way to go before solving the problem.

For more on tracking hack attacks:
- see this nextgov.com article

Related Articles:
Cyberattacks on fed systems triple in two years
Holiday cyberattacks hit U.S. Gov sites
DoD seeks help to fight cyberattacks
Government overwhelmed by cyberattacks