Justice Department will struggle to handle future cyber-threats, says inspector

The department has also struggled with retaining top talent and creating meaningful relationships with the private sector "in part because of privacy concerns and a general distrust of government."

The Justice Department in Washington DC (Image: file photo via Wikimedia Commons)

The Justice Department, which includes the FBI and Homeland Security, may be ill-equipped in the near future to handle cyber-threats against the homeland, an inspector's report has said.

In a report dated November 10 and released Monday, the Justice Deptartment's inspector general Michael Horowitz, whose role is to detect and deter among other things waste, fraud, and misconduct in the government agency, said that the department "will be challenged to sustain a focused, well coordinated, and robust cybersecurity approach for the foreseeable future."

The news can't come at a worse time for government, which in the past year has suffered a series of major hacks, attacks, and data breaches that left millions of employees and citizens affected.

In one of those cases, the attack on the Office of Personnel Management (OPM), which vets prospective employees for government work with classified material, left more than 22 million people vulnerable to identity theft, and blackmail by other nation states.

That attack alone, according to Horowitz, "clearly demonstrates that the federal government is vulnerable."

Horowitz, who has been in the job for more than three years, said one of the challenges facing the department, which oversees much of the government's cyber-intelligence gathering and prevention strategy, was the difficulties in retaining "top talent."

"We found that the FBI failed to hire 52 of the 134 computer scientists that it was authorized to hire, and that 5 of the 56 field offices did not have a computer scientist assigned to that office's Cyber Task Force," the report said.

The inspector added that the department's agencies "face challenges" in partnering and sharing information about cyber-related matters, "in part because of privacy concerns and a general distrust of government."

That was a subtle dig at the tech companies who, in the wake of the Edward Snowden revelations into mass government surveillance two years ago, doubled-down on security in an attempt to block the government from accessing their systems and their customers' data. Nine companies were accused of handing data to the government through the PRISM surveillance program, charges they all strenuously denied.

Attorney general Loretta Lynch rebuffed the remarks by the inspector at a House judiciary committee hearing on Tuesday.

"We are placing particular emphasis on countering security threats in cyberspace. We are perpetually on guard against individuals, organized groups, terrorists and state actors who might attempt to steal our data, endanger our economy, compromise our privacy and threaten our security," Lynch said in prepared remarks.

"I've also been meeting personally with corporate executives and general counsels around the country to spread our message of cyber-awareness, encourage strategic collaboration and find new ways to protect American consumers," she added, but did not say from which companies.

When reached for comment, a Justice Department spokesperson did not comment further.