Investigating Cybercrime
December 29, 2017
The devastating Equifax breach is being pursued by federal investigators who know what they are doing, we learn from the piece, “Cybercrimes Present Unique Challenges for Investigators” at SFGate. AP Writer Kate Brumback writes:
The federal investigators looking into the breach that exposed personal information maintained by the Equifax credit report company are used to dealing with high-profile hacks and the challenges they present. The U.S. attorney’s office and FBI in Atlanta have prosecuted developers and promoters of the SpyEye and Citadel malware toolkits, used to infect computers and steal banking information. They’ve helped prosecute a hack into Scottrade and ETrade that was part of an identity theft scheme, and aided the international effort that in July shut down AlphaBay, the world’s largest online criminal marketplace.
The U.S. Attorney’s office has confirmed that, along with the FBI, it is investigating the breach at Atlanta-based Equifax, which the company said lasted from mid-May to July and exposed the data of 145 million Americans.
Though investigators would not tell Brumback anything about this specific investigation, they shared some of what it is like to pursue cybercrime in general. For example, one prosecutor notes that for every conviction there are about 10 times as many investigations that dead-end. Aliases and invite-only forums make it difficult to identify perpetrators; often, success is the result of a slip-up on the part of the bad actor. Another complication—as we know, the internet transcends boundaries, and several foreign governments do not extradite to the U.S. (or do, but slowly). Once we do catch the bad guys, they can be punished, but the issue of restitution tends to be prohibitively complicated. With a focus on prevention, investigators are now working with many companies before breaches occur.
Cynthia Murrell, December 29, 2017