WASHINGTON — The tip came from another country's law enforcement officials: Eight major banks in the U.S. were being targeted by cybercriminals operating there.
FBI agents fanned out that night to warn the branches that hackers were aiming to break into their computer systems. The banks were able to spot the attempted breaches, and block them, FBI officials said.
Concerned about the rise in this type of sophisticated computer attack from abroad, the FBI and the U.S. Secret Service are beefing up their international cybercrime enforcement, sending agents who specialize in the threats overseas to specifically deal with digital perils.
Their growing coordination with other nations, however, faces legal and political challenges posed by conflicting laws and the lack of broadly accepted international guidelines for Internet oversight.
"With the increased connectivity in countries that heretofore didn't have that amount of access, and the technological advances made in corporate America that have put vulnerable financial information online, it's been the perfect storm," said Shawn Henry, assistant director of the FBI's cyber division.
So far, Henry said, the FBI has set up new cybercrime offices in four countries, including Romania, Estonia and the Netherlands, and is hoping to add two or three more over the next year. Henry would not name the fourth country.
The cybercrime specialists operate in addition to the 61 legal attache offices the FBI has overseas.
"We've gotten so many requests (for help in overseas cases) that we actually have started to embed FBI personnel into the national police agencies of a number of countries," Henry said.
The U.S. Secret Service, meanwhile, is setting up an electronic crimes task force office in Rome, and adding a field office in Tallinn, Estonia, a country that suffered a major cyberattack in the spring of 2007.
While the Secret Service declined to discuss specific staffing, the agency now includes some computer training for all of its 3,400 agents. About a third of the total gets digital forensics and investigative training.
According to FBI data, the number of international cybercrime cases opened by the bureau leaped from a handful in the 2001 fiscal year to about 300 in the year ending Sept. 30, 2008. During the same period, the number of leads received by the FBI involving overseas cybercrime shot up from about 570 in 2001 to roughly 2,120 in 2008.
The cases involve an array of cyberthreats, intrusions and denial of Internet service attacks, but do not reflect the many other crimes that could involve the use of a computer, such as sending threats electronically or fraudulent wire transfers.
Jim Meehan, assistant to the special agent in charge of the Secret Service's cyber section, said the breadth and sophistication of the crimes is dramatically expanding.
He pointed to the case of Albert Gonzalez, the 28-year-old hacker who — along with two Russian co-conspirators — was indicted in connection with a scam to steal tens of millions of credit and debit card numbers by breaching the computer systems of TJX Cos., BJ's Wholesale Club, OfficeMax, Boston Market and others.
Hackers in one country often attack a bank on another continent by routing their breach through armies of infected computers in various nations, linked together in what is called a botnet.
The owners of the infected computers often don't know their laptop is under someone else's control.
Law enforcement officials and analysts say many countries — particularly underdeveloped nations — don't yet have laws covering cybercrime. Others have laws against activities such as free speech, that the U.S. does not consider illegal.
As an example, legal charges against a Filipino student who unleashed the "Love Bug" computer virus back in 2000 were dismissed in part because there were no laws in the Philippines that applied to computer hacking. The virus crippled computer e-mail systems worldwide and caused billions of dollars in damages.
According to officials, countries in Eastern Europe, Africa and South America — including Nigeria, Brazil, Ukraine, and until recently Romania — have become burgeoning sanctuaries for hackers because of weak law enforcement.
Ulf Bergstrom, spokesman for the European Network and Information Security Agency, based on the Greek island of Crete, agreed that "we need at least to establish common privacy definitions and minimum standards so that you can effectively combat criminals."
So far, only 26 countries have ratified the Council of Europe's Convention on Cybercrime, an agreement to define, enforce and prosecute computer crimes and cooperate with other nations, including in extradition.
Another 20 countries have signed the agreement, but not yet ratified it. And critics say a key problem is that the nations where cybercriminals operate freely are not among those participating in the agreement. In one key split, the U.S. refused to sign an addendum defining racist of xenophobic acts committed via the computer as crimes, arguing that it conflicted with free speech rights.
"Probably the most important challenge they're going to have to address is that there is not a common definition of what a crime is in cyberspace," said former White House cyber coordinator Melissa Hathaway, who directed the 60-day cybersecurity review ordered by President Barack Obama earlier this year.
Still, enforcement officials say they see signs that the expanding reach of U.S. law enforcement abroad is already having some impact.
"The underground knows that we're reaching across the ocean. They know that now, and that to me is equally important because that has a deterrent effect," said the FBI's Henry.
Associated Press Writer Derek Gatopoulos in Athens contributed to this report.
On the Net:
|