Modernizing Authentication — What It Takes to Transform Secure Access
WASHINGTON -- As cyber crime increasingly becomes the vocation of highly organized criminal syndicates, law enforcement authorities have been revamping their approach to address the growing sophistication of the threat.
Speaking here at the FOSE government IT show, Deputy Assistant FBI Director Steven Chabinsky said that high-tech crimes have become the bureau's top law-enforcement priority, reflecting the heightened concerns about cybersecurity across the senior ranks of the federal government.
"If we fail to act, the cyber threat can be an existential threat, meaning it can challenge our country's very existence, or significantly alter our nation's potential," Chabinsky said. "I am convinced that given enough time, motivation and funding, a determined adversary will always -- always -- be able to penetrate a targeted system."
Through a series of sting operations, the FBI has been probing the anatomy of cyber crime gangs, which Chabinsky said have taken on a Mafia-like structure that is a far cry from the early days of the lone-wolf hacker setting out to make a name for himself.
What Chabinsky described were highly professional and increasingly specialized organizations which have clearly defined roles, enabling them to focus narrowly on one area of the gang's operations and giving rise to a new breed of "career criminals."
"They make so much money and have so many connections, that they no longer need a legitimate day job," Chabinsky said. "This specialization has been extremely beneficial to cyber criminals."
The FBI and other law enforcement agencies have developed organization charts enumerating the various roles involved in cyber criminal enterprises, including the coders, the "techies," who maintain the infrastructure apparatus, such as servers and so-called "bullet-proof" ISPs, and hackers, who continually probe for application and network vulnerabilities to exploit.
The fraudsters, who create social engineering schemes like phishing, spam, and domain squatting, are producing ever-more convincing products, Chabinsky said, which the FBI attributes in part to their English getting better.
He also outlined three classes of money mules, the individuals who execute wire or bank transfers to move pilfered funds for the gang. Many fall into the category Chabinsky described as "one-and-done" mules, who through no malicious intent execute transfers after being tricked by a work-at-home scheme, only to later realize that what they were doing was illegal. One-time mules often come forward and aid with law-enforcement investigations.
But just as the huge sums that cyber gangs have been able to snag have proven sufficient to support black-hat careers for hackers, ISPs and domain hosts, Chabinsky described a growing class of career money mules who make illicit wire and bank transfers a full-time job. Ahead of the career mules is a class the FBI has dedicated as "premier" mules, who often arrive in the United States on student or work visas with specific instructions from the gang on banking procedures and set up franchises of their own, looking to recruit other mules to fill out the bottom of the hierarchy.
As a result of the emerging professionalization of the criminal enterprises, the FBI has adopted tactics similar to its approach to conventional gangs, setting up long-term sting operations in which special agents infiltrate the organization.
Chabinsky described a sting operation that saw an FBI agent infiltrate an online criminal forum called Dark Market. The FBI agent, who was known only to the criminals by his screen name "Master Splinter," spent two years working with the gang. Chabinsky said the members treated the agent with suspicion at the outset, but that gave way to a full-fledged trust after admitting him to the forum, which for the criminals also served as a social outlet. That trust became so thorough that the members dismissed a warning that Master Splinter was a federal agent, simply because it came from an outsider.
"For them it's a social thing," Chabinsky said. "We found that almost any cyber criminal enterprise would begin to trust us despite having never met us face-to-face."
But cyber crime is a cat-and-mouse game, and Chabinsky said that many of the gangs are getting wise to the increased activity of law-enforcement agencies.
"Many of the most well-known bad guys are going underground," he said. "It's becoming more common for cyber criminals to organize their unlawful activity using encrypted private chat services."
For its part, the FBI has been looking to boost the cybersecurity expertise in its own ranks. The bureau now has more than 1,000 cybersecurity experts spread across each of its 56 field offices in the United States, and has added computer-forensics training as a core requirement for all special agents to complete before graduating from the training program at Quantico.
Overseas, the FBI has partnered with at least 60 nations to set up legal attaches to combat a form of crime that almost invariably crosses at least one national border. The bureau has also embedded personnel with law-enforcement agencies working in Eastern Europe, which has emerged as a haven for organized cyber crime.
But Chabinsky also urged individuals and businesses to come forward to law enforcement when they have been targeted by cyber criminals, and stressed the importance of fostering public-private partnerships between government and businesses to combat Internet crime and address security holes.