This ain’t CSI: How the FBI hunts down cyber criminals around the globe

FBI Cybercrime
FBI
Cyber-attacks are ten a penny now, and the FBI and other authorities that investigate these crimes around the world have many hurdles to cross if they want to catch a hacker. Police forces can often be hindered by the dark web and anonymizing tools used by cyber-criminals to cover their tracks, but there are also political barriers in arresting cyber-criminals in other countries as well as lengthy trials and investigations into home-grown perpetrators. A couple of high profile cases from recent years have shined a light on how cyber-crime cases are carried out.

There is now a growing underground economy for cyber-crime. It is no longer the preserve of just the hacker elite. The market is thriving, said Symantec in one of its most recent threat reports. More cyber-criminals, whether sophisticated or glorified script kiddies, means more work for authorities as they try desperately to keep up with a flood of international attacks.

International cyber arrests

Many of the world’s most active hackers are dotted across the globe, from Russia to China, from the UK to Australia. The FBI’s most wanted cyber-crime list includes numerous foreign nationals. The most recent hacker snagged from across the pond was British man Lauri Love, who is charged with infiltrating US government computers and now faces extradition.

Blackshades group

FBI

American authorities encounter many hurdles when trying to capture and extradite an international cyber-criminal. Recently, they scored a rare win with the extradition of alleged hacker Ercan Findikoglu, a Turkish man who’d been arrested in Germany in 2013 and had been sitting in prison there since. Findikoglu, 33, is accused of leading a criminal group that hacked ATMs in New York and 23 other countries, stealing over 50 million dollars. Findikoglu had been described as one of the most wanted cyber crooks in the world, and if convicted he could face life behind bars — in the form of a 247 year prison sentence.

A Swedish man named Alex Yucel, who led the Blackshades group, was convicted by a New York court in June and sentenced to four years and nine months for developing and selling malware. He had been arrested in Moldova in 2013 and successfully extradited following years of creating remote access tools that could gain control of victims’ computers. His software is believed to have infected over 500,000 computers.

Yucel pleaded guilty and Judge P. Kevin Castel described him and other cyber-criminals as “spreading misery” across the world’s internet users. “The message must go forth that this is a serious crime worthy of a serious punishment,” said the judge. “Yucel’s computer hacking days are now over,” said Preet Bharara, US Attorney for the Southern District of New York.

Forming cross border bonds

There are many wanted hackers in Europe that are of interest to American authorities. One of the most notorious is Nicolae Popescu, a Romanian national, wanted for orchestrating an Internet fraud scheme.

Local Romanian authorities take the threat of hackers very seriously, says Alexandru Catalin Cosoi, chief security strategist at Romanian security software company Bitdefender.

Academics, the security industry, and governments need to form bonds to carry out international efforts.

“[Authorities are] in the underground forums, they’re doing a lot of arrests,” he says. “I know that there are a lot of specialists in the law enforcement agencies that are very skilled and are very eager to solve these issues.”

Academics, the security industry, and governments need to form bonds to carry out international efforts, adds Dr. Bhavani Thuraisingham, director of the Cyber Security Research Center at the University of Texas, Dallas. “We need not just technical solutions, we need political solutions,” she says.

In Europe, organizations like Europol and the private security sector work together to investigate and eventually arrest cyber-criminals, says Ilias Chantzos, senior director of government affairs EMEA at Symantec.

“We will work together, collect intelligence to understand what is the criminal infrastructure we want to go after,” says Chantzos, who also sits on Europol’s Cybercrime Centre (EC3) advisory group. “What will happen, will be an effective, regular interaction between corporations and law enforcement, exchanging information, and when there’s a green light, the operation will take place.”

ShroudedHorizonMap1300

Europol also collaborates with the FBI, as seen recently in the shuttering of dark web forum Darkode, which included Romanian authorities, for example. The operation was led by the FBI and included law enforcement agencies from 20 countries. “Obviously jurisdiction is an issue,” explains Chantzos, but effective communication and collaboration makes a difference.

“We need to know that the criminal is in a territory that we can do the arrest or that we know that some of the criminal infrastructure we’re going to disrupt is in a territory that we can exercise jurisdiction. Some of it will not be there and we need to accept that so often the effectiveness will be as good as it possibly can be.”

Safe in Russia?

The top man on the FBI’s most wanted cyber-crime list is the Russian hacker Evgeniy Mikhailovitch Bogachev, with a three million dollar bounty on his head, the highest reward of anyone else on the list.

The FBI says he’s likely still at his residence in Anapa, Russia on the Black Sea, which poses immense challenges for investigators. The US doesn’t have a formal extradition treaty with Russia, unlike Sweden, Turkey, and Germany, and diplomatic relations between the countries are fraught. Russia’s decision to grant asylum to Edward Snowden in 2013 worsened relations between Russia and the US on this matter.

We will use every available legal and diplomatic means to bring all cyber-criminals to justice wherever they reside.

“We will use every available legal and diplomatic means to bring all cyber-criminals to justice wherever they reside,” said David Hickton, US Attorney for the Western District of Pennsylvania, where the charges were filed.

Bogachev (AKA “lucky12345″ and “slavik”) was formally indicted last year under his real name for developing strains of ransomware and coordinating the GameOver Zeus botnet, an attack network that could be used to siphon off online banking details. His malware is believed to have infected at least one million computers globally and raked in an estimated $100 million.

The Russian’s charges are exhaustive and include computer fraud, bank fraud, conspiracy, and aggravated identity theft. He’s considered a major threat to the US banking industry and the possible head of a cybercrime “gang” working out of Russia and Ukraine, which has made him a high priority.

There are rumors that Russian authorities have willingly turned a blind eye. According to a Telegraph report from last year, he is even seen as a hero of sorts among the residents of his hometown. That makes catching him much more difficult — though it’s still not impossible.

EVGENIY MIKHAILOVICH BOGACHEV

“Cybercriminals like normal people like to travel,” says Chantzos. “[Russians] might go to Cyprus for holiday. Well, guess what, there’s a European arrest warrant waiting for him. The moment he arrives in Cyprus, he’s going to get picked up.”

Many hackers, regardless of nationality, are known to have traveled in the hopes of evading capture, but it may give the FBI a chance. Latvian Alexsey Belan, wanted for hacking US ecommerce companies, was last known to be in Greece. Peteris Sahurovs, who allegedly sold fraudulent security software, may still be in Latvia. These hackers, if picked up in their travels, can be extradited regardless of nationality.

An unsolved mystery

As criminals like Bogachev have proven, there are still major gaps in international cyber-crime enforcement, and a smart hacker can exploit them to operate with near impunity.

Nevertheless, international stings have become more commonplace, and much more intensive. In recent news, the FBI is seeking the extradition of two Israeli suspects following their arrest over the JPMorgan hack. And in June, Europol successfully shut down a major cyber-crime organization in Ukraine.

“There’s a lot of countries that will not extradite. That will not stop us from pressing forward and charging those individuals and making it public,” Robert Anderson, the FBI’s Executive Assistant Director of the Criminal, Cyber, Response, and Services Branch, told a conference in May, promising more arrests under his tenure.

Bogachev may still be in Russia, but with a $3m incentive for his arrest, hacktivists and online sleuths could end up being the FBI’s friend. Countries across the globe are well aware of the threat foreign hackers can pose, and are working together to tighten the noose. Today’s Internet at times feels a bit like the wild west, it will in all likelihood be tamed. Eventually.

Computing

3DMark’s Port Royal lets you benchmark ray tracing on Nvidia’s RTX cards

UL is adding another benchmarking utility to its popular 3DMark suite to help gamers measure their graphics card's ray tracing performance. You'll soon be able to measure how Nvidia's RTX 2070, 2080, and 2080 Ti stack up.
Movies & TV

'Prime'-time TV: Here are the best shows on Amazon Prime right now

There's more to Amazon Prime than free two-day shipping, including access to a number of phenomenal shows at no extra cost. To make the sifting easier, here are our favorite shows currently streaming on Amazon Prime.
Movies & TV

The best shows on Netflix, from 'Haunting of Hill House’ to ‘Twilight Zone’

Looking for a new show to binge? Lucky for you, we've curated a list of the best shows on Netflix, whether you're a fan of outlandish anime, dramatic period pieces, or shows that leave you questioning what lies beyond.
Home Theater

The best movies on Netflix in December, from 'Buster Scruggs’ to endangered cats

Save yourself from hours wasted scrolling through Netflix's massive library by checking out our picks for the streamer's best movies available right now, whether you're into explosive action, witty humor, or anything else.
Movies & TV

Stay inside this winter with the best shows on Hulu, including 'Killing Eve'

It's often overwhelming to navigate Hulu's robust library of TV shows. To help, we put together a list of the best shows on Hulu, whether you're into frenetic cartoons, intelligent dramas, or anything in between.
Computing

Snatch Apple’s 2017 15-inch MacBook Pro for up to $1,200 off at B&H

The latest deal at B&H is offering up 2017 15-inch Apple MacBook Pros, in space gray and silver, with Intel Core i7 quad-core CPUs, 16GB of RAM, and AMD Radeon Pro 560 GPUs with up to 2TB of SSD storage.
Computing

I tried an LTE laptop for a month, and I wasn’t really convinced

LTE laptops offer up plenty of benefits and are becoming more common. After spending one month with one in my daily life in New York City, I really wondered if it is something that consumers really need in their lives.
Computing

Microsoft’s Chromium Edge browser may be adding your Chrome extensions

Fans sticking to Google Chrome because due to its vast extension library might be able to switch over to Microsoft's latest iteration of Edge, as a project manager confirms that the company has its eyes on Chrome extensions.
Gaming

Apple Mac users should take a bite out of these awesome games

Contrary to popular belief, there exists a bevy of popular A-list games compatible for Mac computers. Take a look at our picks for the best Mac games available for Apple fans.
Emerging Tech

An A.I. cracks the internet’s squiggly letter bot test in 0.5 seconds

How do you prove that you’re a human when communicating on the internet? The answer used to be by solving a CAPTCHA puzzle. But maybe not for too much longer. Here is the reason why.
Computing

Qualcomm’s dual-screen PC concept looks like two connected Surface Go tablets

In Qualcomm's video teaser, we got a glimpse of the company's vision for how a dual-screen ARM PC should work. The internet reacted to Qualcomm's video, calling the device in question merely a mashup of two Surface Go tablets.
Deals

Check out the best Green Monday deals for those last-minute gifts

Black Friday and Cyber Monday have come and gone, but that doesn't mean you've missed your chance of finding a great deal. We're talking about Green Monday, of course, and it falls on December 10.
Computing

Hololens 2 could give the Always Connected PC a new, ‘aggressive’ form

Microsoft is said to be leaning on Qualcomm to power its Hololens 2 headset. Instead of Intel CPUs, the next Hololens could use a Snapdragon 850 processor, allowing it to benefit from the always-connected features.
Computing

Chrome’s dark mode may cast its shadow over Macs by early 2019

By early 2019 Google may release a version of Chrome for Mac users that offers a Dark Mode feature to match MacOS Mojave's recent darkening.