The following opinion piece, published on March 28, 2014, on cleveland.com, was written by FBI Cleveland Special Agent in Charge Stephen D. Anthony. It is scheduled to be printed in the Sunday, March 30, 2014 edition of The Cleveland Plain Dealer.
The Internet touches everything and everyone. For that reason, it has also provided the means for hostile foreign nations, hackers for hire, and criminal syndicates to steal our personal information, intellectual property, technology, and state secrets. Terrorists may seek to strike our critical infrastructure and our economy.
As FBI Director James Comey told Congress last year, we expect threats posed by cyber crime attacks to surpass threats posed by terrorists as our top national security threat.
We here in Northeast Ohio—with our concentration of manufacturers, world-class hospitals, and research universities—are not immune to the threat.
Given the scope of this threat, we in the FBI are working side-by-side with our partners, including the U.S. Department of Homeland Security and the Department of Defense.
We are targeting high-level intrusions—the biggest and most dangerous botnets, state-sponsored attacks, and global cyber rings. FBI agents, analysts, and computer scientists combine technical skills and traditional investigative techniques—including sources and court-authorized interception of communications, surveillance, and forensics—to find and stop cyber criminals. We are working with our federal, state, and local partners and instituting Cyber Task Forces in each of our field offices across the United States, including here in Northern Ohio. Our 64 Legal Attaché offices around the world coordinate international cyber investigations, and we have special agents embedded with police departments overseas in cyber “hot spots” to identify emerging trends and key players.
But we cannot do it alone. Whether it’s a bank robbery, a murder investigation, or a sophisticated cyber intrusion, law enforcement cannot succeed without witnesses and community support. Our private sector partners are the primary victims of the cyber threat, yet they also possess the knowledge we need to stop these attacks.
I understand why businesses may be reluctant to report computer intrusions. They are worried about privacy issues and shareholder lawsuits, loss of competitive edge, and negative publicity. There is still some confusion about the “lanes in the road” when it comes to the federal government and cyber security. And to some it may seem that cooperating with the government is bad for the bottom line.
But former FBI Director Robert Mueller summed it up succinctly two years ago when he said, “There are only two types of companies: those that have been hacked, and those that will be.”
We must overcome companies’ worries to better protect the private sector’s proprietary information and customer data. We must share as much information as we can, as quickly as possible, so that companies can minimize any breach. And we must continue to build strong partnerships. As the special agent in charge, our office, including myself, is committed to being on a first-name basis with key industry partners in our community. Our office needs to know what private sector businesses need from the FBI and how best to protect their interests.
We also need the means to share information instantaneously. Human speed—typing an e-mail or making a phone call—won’t cut it anymore. As a first step, we in the FBI have created a malware repository that provides near real-time investigative information. If your company has been hacked, you can send the malware to us and, in most cases, receive a report within hours on how it works, what it might be targeting, and whether others have suffered a similar attack. In Northern Ohio, we are developing working groups between law enforcement, the private sector, and regulatory groups. These working groups are a first step towards seamless information sharing, which will help identify nefarious actors and protect our community.
We also want to provide an electronic means for reporting intrusions. Through a program called iGuardian, law enforcement and the private sector can share intrusion information, quickly and routinely. These are important steps. We must stop these threats before they become reality.
There has been much discussion of privacy in recent months and a fair amount of suspicion of the government, particularly with regard to electronic communications. Some believe there is an inherent conflict between protecting national security and preserving privacy and civil liberties. I disagree. The men and women of the FBI are sworn to protect both security and liberty. When a city posts police officers in a dangerous park, for example, so that families can use the park without worry, security has promoted liberty. At our best, that is our goal.
But the Internet park we all use is becoming more dangerous, every day. We face serious threats, and we need timely and accurate intelligence—including electronic communications—to stop those threats. If we are going to discuss altering the tools we use to collect information on individuals we believe are connected to criminal or terrorist activity, we must understand the benefits and the losses that may come with any change. The same is true when we allow the effectiveness of those tools to erode over time, through the failure to update our laws, or when our tools become less effective through unauthorized disclosures.
Intelligent people can and will disagree, but we can resolve these issues with open and honest communication. It will not be easy, and we will not always see eye-to-eye, but we must stand together to protect our data, our intellectual property, our economy, and our collective security.
Showing posts with label cyber. Show all posts
Showing posts with label cyber. Show all posts
Monday, March 31, 2014
Tuesday, December 3, 2013
Wisconsin Man Sentenced for Cyber Attack on Koch Industries
WICHITA—A Wisconsin man has been sentenced to two years' federal probation and ordered to pay $183,000 in restitution for taking part in a cyber attack on Koch Industries in Wichita that was sponsored by a group known as Anonymous, U.S. Attorney Barr Grissom said today.
Eric J. Rosol, 38, Black Creek, Wisconsin, pleaded guilty to one misdemeanor count of accessing a protected computer. In his plea, he admitted that on February 28, 2011, he took part in a denial of service attack on a web page of Koch Industries—Kochind.com. From Wisconsin, he used software called a Low Orbit Ion Cannon Code, which was loaded on his computer. He took part in the attack for approximately one minute. The attack, which was organized by a computer hacking group known as Anonymous, caused Kochind.com to go offline for approximately 15 minutes.
Koch Industries had hired a consulting group to protect its websites at a cost of approximately $183,000.
Grissom commended the FBI and Assistant U.S. Attorney Alan Metzger for their work on the case.
Eric J. Rosol, 38, Black Creek, Wisconsin, pleaded guilty to one misdemeanor count of accessing a protected computer. In his plea, he admitted that on February 28, 2011, he took part in a denial of service attack on a web page of Koch Industries—Kochind.com. From Wisconsin, he used software called a Low Orbit Ion Cannon Code, which was loaded on his computer. He took part in the attack for approximately one minute. The attack, which was organized by a computer hacking group known as Anonymous, caused Kochind.com to go offline for approximately 15 minutes.
Koch Industries had hired a consulting group to protect its websites at a cost of approximately $183,000.
Grissom commended the FBI and Assistant U.S. Attorney Alan Metzger for their work on the case.
Friday, November 8, 2013
FBI Seeks Information Regarding Several Cyber Fugitives
On Tuesday, November 5, 2013, the FBI announced the addition of five individuals to its Cyber’s Most Wanted and is seeking information from the public regarding their whereabouts.
They are Farhan Arshad and Noor Aziz Uddin; Carlos Perez-Melara; Andrey Nabilevich Taame; and Alexsey Belan. Rewards ranging from up to $50,000 to $100,000 are being offered for information that leads to their arrest.
“The FBI will not stand by and watch our cyber adversaries attack our networks; we will track down and arrest individuals who have made it their mission to spy on and steal from our nation and citizens,” said Richard McFeely, executive assistant director of the Criminal, Cyber, Response, and Services Branch. “Because cyber crime knows no boundaries, cyber criminals think they can hide overseas. But we are using our international partnerships and the publicity generated by our Cyber’s Most Wanted to ferret them out.”
Fugitives Farhan Arshad and Noor Aziz Uddin are wanted for their alleged involvement in an international telecommunications scheme and hacking venture to defraud individuals, telecom companies, and government entities in the United States and abroad, resulting in losses exceeding $50 million. It is alleged that between 2008 and 2012, Arshad and Uddin gained unauthorized access to business telephone systems and used those systems to initiate long-distance telephone calls to premium rate numbers through a scheme known as international revenue share fraud. The conspiracy caused the owners of the compromised telephone systems to be billed for services they neither ordered nor desired. Arshad and Uddin are part of an international criminal ring that the FBI believes extends into Pakistan, the Philippines, Saudi Arabia, Switzerland, Spain, Singapore, Italy, Malaysia, and other locations.
Arshad and Uddin were indicted for unauthorized access to a protected computer; conspiracy to gain unauthorized access to a protected computer; wire fraud; conspiracy to commit wire fraud; and identity theft.
Carlos Perez-Melara is wanted for his alleged involvement in manufacturing software that was used to intercept the private communications of hundreds, if not thousands, of victims around September 2003. As part of the scheme, Perez-Melara ran a website offering customers a way to “catch a cheating lover” by sending “spyware” disguised as an electronic greeting card. Victims who opened the card unwittingly installed a program that collected keystrokes and other incoming and outgoing electronic communications. The programs, created by Perez-Melara and known as “Lover Spy” and “e-mail PI,” would periodically send e-mail messages to his customers, allowing them to obtain passwords, lists of visited websites, and intercepted e-mail messages of the intended victims.
Perez-Melara was indicted for manufacturing a surreptitious interception device; sending a surreptitious interception device; advertising a surreptitious interception device; advertising and promoting the surreptitious use of an interception device; intercepting electronic communications; disclosing electronic communications; and unauthorized access to a protected computer for financial gain.
The FBI is seeking Andrey Nabilevich Taame for his alleged involvement in Operation Ghost Click, a scheme that infected more than four million computers located in more than 100 countries from approximately 2007 to October 2011. At least 500,000 victims were in the United States. The scheme involved changing a computer’s domain name system (DNS) settings. The DNS serves as a phone book for the Internet by translating domain names, such as www.fbi.gov, into Internet protocol (IP) addresses, thus allowing Internet traffic to be routed to the correct destination. As part of the scheme, Taame and six other individuals—who have since been arrested—used software that changed the victims’ computers' DNS settings, therefore redirecting users’ legitimate Internet traffic to websites users did not intend to visit. This allowed Taame and his co-conspirators to hijack Internet traffic to commit online advertising fraud by diverting traffic from websites with no commercial relationship to websites that pay for online hits.
Taame was indicted for wire fraud; unauthorized access to a protected computer; and conspiracy to commit both offenses.
Alexsey Alekseyevich Belan is wanted for his alleged involvement in the unauthorized taking of data from three U.S.-based companies in 2012 and 2013. It is believed Belan remotely accessed the victim companies’ computer networks without authorization and thereby obtained information for the purposes of commercial advantage and private financial gain. Belan is also alleged to have knowingly possessed and used, without lawful authority, means of identification belonging to employees of the companies during and in relation to his unauthorized taking of the company data.
Belan was indicted for obtaining information from a protected computer; possession of 15 or more unauthorized access devices; and aggravated identity theft.
They are Farhan Arshad and Noor Aziz Uddin; Carlos Perez-Melara; Andrey Nabilevich Taame; and Alexsey Belan. Rewards ranging from up to $50,000 to $100,000 are being offered for information that leads to their arrest.
“The FBI will not stand by and watch our cyber adversaries attack our networks; we will track down and arrest individuals who have made it their mission to spy on and steal from our nation and citizens,” said Richard McFeely, executive assistant director of the Criminal, Cyber, Response, and Services Branch. “Because cyber crime knows no boundaries, cyber criminals think they can hide overseas. But we are using our international partnerships and the publicity generated by our Cyber’s Most Wanted to ferret them out.”
Fugitives Farhan Arshad and Noor Aziz Uddin are wanted for their alleged involvement in an international telecommunications scheme and hacking venture to defraud individuals, telecom companies, and government entities in the United States and abroad, resulting in losses exceeding $50 million. It is alleged that between 2008 and 2012, Arshad and Uddin gained unauthorized access to business telephone systems and used those systems to initiate long-distance telephone calls to premium rate numbers through a scheme known as international revenue share fraud. The conspiracy caused the owners of the compromised telephone systems to be billed for services they neither ordered nor desired. Arshad and Uddin are part of an international criminal ring that the FBI believes extends into Pakistan, the Philippines, Saudi Arabia, Switzerland, Spain, Singapore, Italy, Malaysia, and other locations.
Arshad and Uddin were indicted for unauthorized access to a protected computer; conspiracy to gain unauthorized access to a protected computer; wire fraud; conspiracy to commit wire fraud; and identity theft.
Carlos Perez-Melara is wanted for his alleged involvement in manufacturing software that was used to intercept the private communications of hundreds, if not thousands, of victims around September 2003. As part of the scheme, Perez-Melara ran a website offering customers a way to “catch a cheating lover” by sending “spyware” disguised as an electronic greeting card. Victims who opened the card unwittingly installed a program that collected keystrokes and other incoming and outgoing electronic communications. The programs, created by Perez-Melara and known as “Lover Spy” and “e-mail PI,” would periodically send e-mail messages to his customers, allowing them to obtain passwords, lists of visited websites, and intercepted e-mail messages of the intended victims.
Perez-Melara was indicted for manufacturing a surreptitious interception device; sending a surreptitious interception device; advertising a surreptitious interception device; advertising and promoting the surreptitious use of an interception device; intercepting electronic communications; disclosing electronic communications; and unauthorized access to a protected computer for financial gain.
The FBI is seeking Andrey Nabilevich Taame for his alleged involvement in Operation Ghost Click, a scheme that infected more than four million computers located in more than 100 countries from approximately 2007 to October 2011. At least 500,000 victims were in the United States. The scheme involved changing a computer’s domain name system (DNS) settings. The DNS serves as a phone book for the Internet by translating domain names, such as www.fbi.gov, into Internet protocol (IP) addresses, thus allowing Internet traffic to be routed to the correct destination. As part of the scheme, Taame and six other individuals—who have since been arrested—used software that changed the victims’ computers' DNS settings, therefore redirecting users’ legitimate Internet traffic to websites users did not intend to visit. This allowed Taame and his co-conspirators to hijack Internet traffic to commit online advertising fraud by diverting traffic from websites with no commercial relationship to websites that pay for online hits.
Taame was indicted for wire fraud; unauthorized access to a protected computer; and conspiracy to commit both offenses.
Alexsey Alekseyevich Belan is wanted for his alleged involvement in the unauthorized taking of data from three U.S.-based companies in 2012 and 2013. It is believed Belan remotely accessed the victim companies’ computer networks without authorization and thereby obtained information for the purposes of commercial advantage and private financial gain. Belan is also alleged to have knowingly possessed and used, without lawful authority, means of identification belonging to employees of the companies during and in relation to his unauthorized taking of the company data.
Belan was indicted for obtaining information from a protected computer; possession of 15 or more unauthorized access devices; and aggravated identity theft.
Subscribe to:
Posts (Atom)