The Federal Bureau of Investigation will aggressively crack down on cyber crime over the next few weeks, with a bureau official advising the public to anticipate indictments, searches, and multiple arrests.
Robert Anderson Jr. told the Reuters Cybersecurity Summit in Washington on Wednesday that the bureau has revamped its focus on cyber crime and will show a “much more offensive side” to its enforcement efforts soon.
“There is a philosophy change. If you are going to attack Americans, we are going to hold you accountable,” he said. “If we can reach out and touch you, we are going to reach out and touch you.”
FBI director James Comey appointed Anderson as the executive assistant director of cyber enforcement at the bureau in March, putting him in charge of international operations and critical incident response, among other duties. Before taking his current post, Anderson oversaw counter intelligence and espionage investigation at the FBI, and seems to have brought that mentality to his current responsibility.
In explaining recent examples of the bureau’s cyber enforcement, Anderson mentioned the case of Dmitry Belorossov, a Russian hacker accused of operating a botnet that targeted an estimated 7,000 Americans. Belorossov was arrested at a Spanish airport and, after an extradition battle between the US and Russia, ordered to stand trial in the US.
Anderson warned that the bureau will not hesitate to charge foreign suspects accused of committing crimes in countries that refuse to extradite to the US. The FBI has traditionally been reluctant to do so, he said, to avoid embarrassment to other nations.
“There’s a lot of countries that will not extradite,” he told Reuters. “That will not stop us from pressing forward and charging those individuals and making it public.”
The new, aggressive policy is likely to lead to a slew of new arrests, Anderson continued, adding that Belorossov would be a relatively minor target compared to some of the suspects the FBI is currently investigating.
Other hackers could benefit from bureau leniency if they choose to cooperate. Hector Monsegur – founder of the Lulzsec hacker group perhaps better known as Sabu – has seen his sentencing hearing delayed multiple times in exchange for helping the government infiltrate high-value foreign targets.
Anderson refused to say how many former suspects are now on the FBI’s payroll, but Jim Lewis, a senior fellow with the Center for Strategic and International Studies, told journalists Jim Fenkle and Joseph Menn that the agency relies on more outside help than ever before, with perhaps as many as a dozen hackers.
Along with the tried and true distributed denial of service attacks and attempts at identity theft, experts have warned that cyber crime will become much more serious over the next decade. Future threats could include potential cyber assault on new vehicle models, home appliances, or entertainment devices, as well as more dangerous ransomware attacks that victimize online finances.
Hackers recently targeted Target, obtaining data from as many as 110 million customers. Ed Lowery, a special agent for the criminal investigations unit of the US Secret Service, which also investigates cyber crime, said the public should expect more incidents like this to occur before organizations learn about their vulnerabilities.
“What we have seen is a change in the sophistication of attackers and the attack vectors,” he told Eweek.com. “These are professional criminals; they study their victims, and they are looking for vulnerabilities they can exploit.”