Cyber criminals are starting to act more like corporations and less like lone individuals, Steven Chabinsky, deputy assistant director of the FBI’s Cyber Division said at a speech on Tuesday at a government security conference in Washington, D.C.
Chabinsky framed the issue of online crimes, including hacking and copyright infringement, as a question of both economic and national security.
The FBI has ramped up its cyber crime enforcement efforts, he said, with 1,000 agents, analysts and examiners, cyber squads in all 56 FBI field offices, and 60 international attache offices, including agents embedded with forces in Eastern Europe.
The issue is not just about data, he said, but also about the control of vital infrastructure, including power utilities and water treatment facilities, and about terrorists and foreign countries who are after state secrets.
“The cyber threat can be an existential threat,” he said. Given enough time and resources, anyone who wants to break in to a computer system can do so, he said, as there are dozens of layers of technology involved and the people that use them are constantly changing.
The criminals are often known only by their screen names, he said, which makes the threat seem less severe.
But cyber crime is now dominated by people who view themselves as businessmen, and it is popular with violent organized crime groups, Chabinsky said. The FBI recently used SWAT teams to make arrests in cyber crime cases, he said.
Most are members of online forums where they trade advice and tools, and connect on jobs, he said. The FBI penetrated one recently through an agent who assumed the code name Master Splynter, and spent two years building credibility in the network.
The groups have developed into seasoned professionals, he said, as one group demonstrated in a recent global ATM fraud scam. In one day, he said, hackers were able to steal account numbers and pin codes, produce 400 fake ATM cards, spread out to 280 cities, and steal almost $10 million through 14,000 transactions.
In another recent scam, he said, a father and son team that pleaded guilty to selling $1 million worth of counterfeit software also bought ads on Internet search engines to promote their goods.
The organized networks work like corporations, Chabinsky said, reinvesting profits and following the normal business cycle. The groups are usually run by a group of trusted associates who farm out work to contractors that specialize and contribute pieces to a larger job.
According to Chabinsky, fields of specialization include:
- Programmers who write the malware code.
- Vendors who sell the stolen data.
- “Techies” who maintain the infrastructure, including the servers and the bullet-proof ISPs.
- Hackers who exploit vulnerabilities.
- Fraudsters who are involved with spamming and phishing schemes.
- Cashiers who control accounts.
- Money movers.
- Leaders, who assemble the teams.