Hacker Hunters

By Brian Grow, with Jason Bush in Moscow
BusinessWeek Online

An elite force takes on the dark side of computing.

In an unmarked building in downtown Washington, Brian K. Nagel and 15 other Secret Service agents manned a high-tech command center, poised for the largest-ever roundup of a cybercrime gang. A huge map of the U.S., spread across 12 digital screens, gave them a view of their prey, from Arizona to New Jersey. It was Tuesday, Oct. 26, 2004, and Operation Firewall was about to be unleashed. The target: the ShadowCrew, a gang whose members were schooled in identity theft, bank account pillage, and the fencing of ill-gotten wares on the Web, police say. For months, agents had been watching their every move through a clandestine gateway into their Web site, shadowcrew.com. To ensure the suspects were at home, a gang member-turned-informant had pressed his pals to go online for a group meeting.

At 9 p.m., Nagel, the Secret Service's assistant director for investigations, issued the "go" order. Agents armed with Sig-Sauer 229 pistols and MP5 semi-automatic machine guns swooped in, aided by local cops and international police. The adrenaline was pumping, in part, because several ShadowCrew members were known to own weapons. Twenty-eight members were arrested, most still at their computers. The alleged ringleaders went quietly, but one suspect jumped out a second-story window. Agents nabbed him on the ground. Later, they found a loaded assault rifle in his apartment. The operation was swift and bloodless. "[Cybergangs] always thought they operated with anonymity," says Nagel, a tall, chiseled G-man. "We rattled them."

There's a new breed of crime-fighter prowling cyberspace: the hacker hunters. Spurred by big profits, professional cyber-criminals have replaced amateur thrill-seeking hackers as the biggest threat on the Web. Software defenses are improving rapidly, but law enforcement and security companies understand they can no longer rely on technology alone to deal with the plague of virus
attacks, computer break-ins, and online scams. Instead, they're marshaling their forces and using gumshoe tactics to fight back -- infiltrating hacker groups, monitoring their chatter on underground networks, and when they can, busting the baddies before they do any more damage. "The wave of the future is getting inside these groups, developing intelligence, and taking them down," says Christopher M.E. Painter, deputy chief of the Computer Crime section of the Justice Dept., who will help prosecute ShadowCrew members at a trial scheduled for October.

Step by step, the cops are figuring out how to play the
cybercrime game. They're employing some of the same
tactics used to crush organized crime in the 1980s
-- informants and the cyberworld equivalent of wiretaps.
They're also busy coming up with brand new moves. FBI
agent Daniel J. Larkin, a 20-year vet who heads up
the bureau's Internet Crime Complaint Center, taps
online service providers to help pierce the Web's veil
of anonymity and track down criminal hackers. In late
April, leads supplied by the FBI and eBay Inc. (Nasdaq: EBAY) helped Romanian police round up 11 members of a gang that set up fake eBay accounts and auctioned off cell phones, laptops, and cameras they never intended to deliver. "We're getting smarter every day," says Larkin.

Smarter and more collaborative. While the FBI and other investigators have been criticized for fighting each other almost as fiercely as the criminals on traditional cases, they cooperate more than ever when it comes to cybercrime. Local, state, and federal agencies regularly share tips and team up for busts. The FBI and Secret Service, which received jurisdiction over financial crimes when it was part of the Treasury Dept., have even formed a joint cybercrime task force in Los Angeles. Public agencies also are linking with tech companies and private security experts who often are the first to discover crimes and clues.

This makes the hacker hunters an eclectic bunch. Larkin ends up working in tandem with people like Mikko H. Hypponen, director of antivirus research at Finnish security outfit F-Secure Corp. Larkin is a straitlaced, 45-year-old native of Indiana, Pa., who honed his skills during Operation Illwind, the 1980s investigation into kickbacks paid to Pentagon officials by defense contractors. Hypponen is a 35-year-old computer whiz who lives on an island southwest of Helsinki populated by fewer than 100 people and a herd of moose.

On a Rampage

There's a clear reason for this newfound collaboration: The bad guys are winning. They're stealing more money, swiping more identities, wrecking more corporate computers, and breaking into more secure networks than ever before. Total damage last year was at least $17.5 billion, a record -- and 30% higher than 2003, according to research firm Computer Economics Inc. Among the computers compromised were those at NASA, a break-in in which one of the prime suspects is a 16-year-old from the Swedish university town of Uppsala.