By James Thompson
On Nov. 20, Supervisory Special Agent Michael Anaya came to Georgia Gwinnett to talk to students about the FBI’s efforts to confront cybercrime. The event was held in the Cisco Auditorium at 6:30 p.m. It was attended by about 150 students, mostly IT and criminal justice majors.
Agent Anaya explained the FBI’s organizational structure. In the U.S., investigations are conducted from fifty-three field offices throughout the country. Thirteen HQ locations serve as administrative centers. Agent Anaya is a cybercrime expert. Cybercrime is the FBI’s third-highest priority, coming in after terrorism and counterintelligence (spy hunting). The bureau’s expertise in this area involves apprehending cyber criminals and educating American businesses about evolving threats.
Agent Anaya told students about a particular criminal who used a botnet to send malware to a particular company. He then threatened to shut down the company’s network unless it paid him. Agents used the email address that the blackmail demand had come from to keep an open line of communication with the hacker. This allowed them to glean important information about their suspect. Eventually, a portion of the ransom was paid.
Following this, the money was tracked to an overseas financial institution. However, an ATM card linked to the account that received the payment was sent to an address in Wyoming. Unfortunately, this address turned out to be an abandoned house where the hacker sent packages. Although agents watched the house for several days, nobody showed up. They later discovered that the hacker had such an easy time stealing online that he often simply forgot to pick things up.
Eventually, the hacker slipped and the FBI obtained the email address that had originated the messages. With this information, they were able to track the hacker’s location. In order to obtain the evidence for a warrant, the agents set up a ‘honey pot.’ This is a computer made to look vulnerable to hackers, but as soon as it is hacked, it begins to monitor the activity of the source computer. Now armed with a warrant, the FBI swooped in on the suspect’s home and arrested him.
This apprehension was simple since the perpetrator was operating on American soil. More and more cyber criminals work outside the U.S., which limits the FBI’s ability to apprehend them, as it must depend on cooperation from the host country. Another factor was that this crime was motivated by money and professional pride. Increasingly, the FBI is facing a new kind of threat: state-sponsored cyber crime. These criminals are not after money but information, specifically data pertaining to new technologies.
Foreign governments like China use these criminals to bridge the technology gap between them and us, allowing their companies to remain competitive. These hackers are almost impossible to detain because they operate in other countries and under the protection of those countries’ governments. This new challenge adds a dangerous new dimension to the job of cyber security. In addition, the tools of the trade are constantly evolving. The FBI must constantly reexamine its methods to keep up with this changing environment and keep our computers, our money, and our information safe.