Home » Blog » NCIJTF and Cybercrime Task Forces

How can a task force like the NCIJTF help me fight Cybercrime?

cybercrime task force team explore hack

Published: March 9, 2023

mariah beckman

Written and reported by:

Mariah Beckman

Contributing Writer

Each passing year brings new advancements in technology. And for each new advancement, there is a criminal working hard to figure out ways to exploit it. Some adults can still remember the word cyberthreat first coming into use around the late 1980s, but the truth is cybersecurity has been a concern since the very first closed-network digital computer was developed in 1943. 

In this Article

First, a little history… 

From phone phreaking in the 1950s and the 1960s ethical hacking of Tech Model Railroad Club at MIT to the Creeper and the Reaper viruses of the 1970s, cyber crimes have been around long before there was a formal task force to fight them. 

Before everyday people had access to the world wide web, law enforcement primarily dealt with local threats. But in 1986, during the Cold War, a German hacker named Marcus Hess succeeded in hacking into the US government’s systems. In a matter of minutes he and his co-conspirators had access to computers and mainframes belonging to the Pentagon and the military. Their plan? To sell sensitive U.S. information to the Russian KGB. 

Many mark this as the beginning of cybersecurity as an industry. After the attack on the Pentagon, commercial security software programs began production and were available by 1987. 

Task forces cyber-serve and protect

The FBI was involved in investigating and fighting cyber criminals for decades before it developed its first official department dedicated to virtual crime. It wasn’t until 2002, however, that the FBI Cyber Division was created to target cyber-based criminals. Terrorism, fraud, identity theft and espionage are just some of the crimes this division protects against. 

But they don’t do it in a vacuum. Here’s a brief overview of some of the task forces that the FBI operates and works alongside to keep virtual criminals at bay.

National Cyber Investigative Joint Task Force (NCIJTF)

In 2008, the National Cyber Investigative Joint Task Force (NCIJTF) was established. This organization is presidentially mandated and an alliance of 30 government organizations with complementary missions, all working together to protect national cyber interests. The task force leverages its connections and collaborates with partners in the international and private sector to bring all available resources to bear against domestic cyber threats.

National Cyber-Forensics and Training Alliance (NCFTA)

The National Cyber-Forensics and Training Alliance (NCFTA) was established in 2002 as a partnership between private industry, government, and academia. This nonprofit organization’s purpose is to provide a neutral, trusted environment that enables collaboration and cooperation in the fight against cyber crime. The NCFTA developed as an outgrowth of one of the first federal/state/local High-Tech Crimes Task Forces, which recognized the significant need to attract ongoing participation from key subject matter experts within industry and academia to both enhance and sustain effectiveness.

Internet Crime Complaint Center (IC3)

The Internet Crime Complaint Center (IC3) was founded in 2000, and it represents a partnership between the FBI and the National White Collar Crime Center (which was, interestingly enough, founded in 1978). The IC3 is a portal designed to receive, develop and refer criminal complaints regarding cyber crime. It also aims to serve as a law enforcement communication hub, connecting and sharing data between federal, state and local agencies.


InfraGard is an information sharing and analysis effort that started in 1996. Its aim was to share information from the IT industry, private sector and academia with cyber crime investigators in the FBI. In 2003, the Bureau expanded InfraGard’s jurisdiction to a national stage.

Cybersecurity and Infrastructure Security Agency

The Cybersecurity and Infrastructure Security Agency continues the work of what was once the Department of Homeland Security’s National Protection and Programs Directorate (NPPD). Since 2018, CISA has furthered the program’s aim to protect America’s physical and virtual infrastructure from threats and attacks. Its mission is to “build the national capacity to defend against cyber attacks.”

What kind of person investigates cybercrime?

There are many agencies that work together to outsmart cyber criminals, and more talented computer specialists are needed every year. According to the U.S. Bureau of Labor and Statistics (BLS), employment of information security analysts could grow by an unprecedented 31.5% through 2032. Some estimates claim there’s a shortage of 3.4 million in this broad field. 

So what kind of person will be the most successful in this fast-growing field? Is a career in a cybercrime task force right for someone like you?

Transferable skills:
Those with strong inductive and deductive reasoning skills thrive in cybersecurity positions, according to O*NET, a subsidiary of the BLS. Perceptual speed—the ability to quickly and accurately compare similarities and differences among data sets—is another key skill. Flexibility of closure is also an important soft skill cybersecurity professionals need to succeed; this means you have the ability to identify or detect a known pattern (a figure or word, for instance) that is hidden in the midst of other distracting material.
Technical skills:
Most of the technical skills that cybersecurity professionals need center around computer systems, quality control analysis and systems evaluation. You’ll determine how systems work, and evaluate how changes in conditions or environments affect outcomes. You may conduct tests or inspect processes, evaluating databases or networks for quality and performance. And you’ll identify measures of system performance and determine what actions to take to improve quality or to correct any anomalies. 

The software that cybersecurity professionals use will vary from role to role. Some jobs use programs like Amazon Web Services AWS or Amazon Redshift daily; these positions focus on cloud computing and database management. Software such as Django and Google Angular, on the other hand, are used for web development. 

In order to learn the most relevant tech and transferable skills for the roles you want to target in cybersecurity, begin leveraging your professional network—the earlier the better. Connect with other professionals at companies and in industries you care about. Ask for informational interviews and use what you find to help guide you in your educational journey.
In order to work in the cybersecurity industry, you can expect a STEAM-heavy curriculum in college. Students should consider a bachelor’s degree or higher in Computer Science or a closely related field. Their course of study will include statistics and advanced mathematics. Hands-on experience in programming, networking, cryptography or computer security will give candidates a definite edge. 

The National Initiative for Cybersecurity Careers and Studies (NICCS) has designated 340 colleges and universities as Centers of Academic Excellence. Graduates from these programs  will most likely have extra edge during the hiring process. A degree in information technology will help you develop the right combination of hard and soft skills to succeed in this field.

It’s important to note that while most careers that involve investigating cybercrime require a bachelor’s degree, you don’t necessarily need an IT degree to do it. A BS in Cybersecurity, Computer Science, Criminal Justice or Business are all points of entry into this broad field.
Background check:
No matter the location, candidates who want to work in cybersecurity should expect to pass a rigorous background check. Because cybersecurity specialists deal with sensitive information day in and day out, a federal and local background check gives a little insight into an applicant’s moral compass.

For cybersecurity positions at the FBI, there are strict guidelines in place. For instance, candidates must be no younger than 23 and no older than 37. They must also pass a fitness test and complete the same 21 weeks of training as other Special Agents at the Bureau’s notoriously tough Quantico training academy.

An overview of cybersecurity careers

How do you investigate cybercrimes, and what kind of careers are open to you if you want to do it?

Careers in cybersecurity typically fall into two categories: analyst or engineer. Security analysts handle business-facing tasks: reporting and translating data for stakeholders. Security engineers build and test systems to protect against cyberattacks, malware, and spam. 

There are many different roles in cybersecurity, each with its own focus and specialty. A few that the U.S. Bureau of Labor Statistics has identified as highly in-demand include:

  • Digital Forensics Analysts 
  • Penetration Testers
  • Information Security Engineers 
  • Information Security Analysts 
  • Computer and Information Systems Managers 
  • Financial Risk Specialists 
  • Computer and Information Research Scientists
  • Information Technology Project Managers

How cybercrime professionals investigate virtual crimes

Steps in a cybercrime investigation

What exactly goes into investigating cybercrimes? There are specific steps and software systems that cybersecurity pros use.

Background and Information gathering: A cybercrime investigator gathers background information and compiles any relevant facts about the crime in question. Potential suspects, the scope of the crime, available evidence and many other considerations are taken during this fact-finding and survellaine-review stage.

Tracking the authors: Public as well as private security agencies works with network providers and ISP companies to locate and analyze the trail digital criminals leave behind. This phase is a waiting game, and can often take several months as investigators seek legal permission from prosecutors and the court in order to access the information they need. This large gap in time is what makes cybercrime investigation a challenge.

Analyzing digital forensics: A deep analysis of the affected systems provides further clues about the point of ingress in a digital attack. Data analysis is key, and involves info from many different sources: raw connection data, hard drives, file systems, caching devices, RAM memory and more. Investigators are looking for digital “fingerprints” left behind by cybercriminals that will hopefully trace back to its origin.

Software systems task force cybercrime units use

Cybercrime task force investigators rely on data analysis and extraction software to help them follow the digital trail of breadcrumbs that cybercriminals leave behind. There are many lauded programs that professionals in the public and private sector use. Here are a few popular ones:

Bulk Extractor:
Perfect for data extraction and analysis, Bulk Extractor harvests data such as URLs, email addresses and credit card numbers from ISO disk images and directories. It can parse a wide variety of file types, including images, videos, office-based and compressed files.
Used by government and corporate task forces and agencies alike, PALADIN is designed to streamline forensic data analysis.
ProDiscover Forensic:
This product suite offers a wide array of diagnostic tools that help investigators explore evidence and extract pertinent artifacts. 

Careers in government or the private sector?

There are two major arenas that cybersecurity professionals can work if they’re interested in investigating or preventing cyber crime: government task forces or the private sector. In either position, you’ll be protecting people, companies and institutions from malicious threats online. In a government position, the focus is more on the public and on addressing emergent threats: cyberbullying, fraud, child endangerment and so on. In a corporate position, you’ll be more focused on preventing and protecting intellectual property, securing finances and monitoring for weak spots in a company’s virtual defense system.

The public sector

Government agencies need highly trained cybersecurity professionals to protect the sensitive information they collect and manage. Because these are most often careers working with federal government, nonprofit agencies or law enforcement, those with a military background or an interest in law enforcement are drawn to careers in these fields. And with good reason—a career in cybersecurity at the government level has a direct impact on the security and quality of life for millions of Americans. 

As with most government careers, roles in cybersecurity are usually very structured and process driven. The day-to-day job duties will be rigidly defined, and upward mobility will be based on seniority.

The private sector

Private sector cybersecurity careers are most often found at for-profit organizations—ecommerce retailers like Amazon, for instance, or banks such as Wells Fargo. You’ll find entry- and mid-level positions at these companies that routinely test the network health and monitor for discrepancies on the site or on internal CRM (customer relationship management) software. 

In the private sector, cybersecurity professionals work with technology that protects the interests of the business. Depending on the industry, this could mean you’ll have opportunities to work with cutting-edge technologies and learn new software. Upward mobility is considered by many to be easier to achieve in industry, and pay is often higher than in government positions due to the dependence companies have on the integrity of their digital infrastructure.