VOL. 128 | NO. 179 | Friday, September 13, 2013
Cyber Crime Growing Priority for FBI
By Michael Waddell
Glankler Brown PLLC attorneys on Wednesday, Sept. 11, welcomed FBI Supervisory Special Agent Scott E. Augenbaum as the guest speaker for a cyber crime seminar for staff and clients at its East Memphis office.
Augenbaum hopes to spread the word about cyber crime by demonstrating how anyone that has a computer or mobile device, who banks online or has a database that holds sensitive financial information is at risk.
“Right now cyber crime and computer intrusions are the No. 3 priority for FBI, with No. 1 being terrorism and No. 2 being counter intelligence,” Augenbaum said. “FBI Director (Robert) Muller has said that he believes cyber crime will be the No. 1 priority for the FBI.”
Cyber crimes cost U.S. businesses approximately $100 billion each year, according to a joint study released earlier this year by the Center for Strategic and International Studies and computer-security firm McAfee.
Augenbaum shared stories of dealing with elaborate Russian organized crime syndicates.
“The most disturbing thing to me is that 95 percent of the time computer crimes could be easily avoided. It all comes down to stolen credentials,” said Augenbaum, who has worked for the FBI since 1988 and is now the supervisory special agent working in the Nashville office and heading up the Memphis division’s computer intrusion/counter intelligence squad.
Augenbaum became involved in computer crime in 1996, and he recounted anecdotes from the early days of the Internet crime when he chased mostly amateurs and thrill-seeking college students.
By the mid-2000s, he began seeing a large number of computer intrusions originating in the former Soviet Union against mid-level companies in the U.S. They were installing key loggers onto people’s computers and getting the username and password for cash accounts.
“They unloaded 11 accounts and were able to withdraw about $50 million, with attempted losses of a quarter of $1 billion,” said Augenbaum, who explained how the Russian criminals were protected by “bulletproof hosting” from a Russian Business Network Internet provider in St. Petersburg, Russia. “At one point the Russian Business Network was responsible for 50 percent of the world’s child pornography and 50 percent of phishing sites.”
Crime rings have become highly sophisticated and globally connected, like seen in a 2007 intrusion at the Royal Bank of Scotland in Atlanta. Criminals were able to access customer accounts and produce ATM cards with stolen information.
“They had a sophisticated infrastructure set up throughout the world, and within one hour ‘mules’ in 40 countries and at 137 ATMs were able to withdraw $9.7 million from customer accounts,” Augenbaum said.
Much of the crime today is perpetrated on social media sites like Facebook, and Augenbaum pointed out that even having a date of birth on your Facebook page can lead to identity theft.
Acquiring a person’s passwords can put all sorts of sensitive information at risk, including Social Security information, medical records, valuable intellectual property, credit card numbers and financial records.
The computer program used most by criminals is Adobe Acrobat, with malicious code in program updates and sent as email attachments that potential victims are urged to open immediately.
“Right now, virus writers are writing 60,000 new viruses a day, and intrusion detection systems are only 30 percent effective at best,” Augenbaum said.
Steps to reduce the threat level include always using a 10-digit password for all accounts and use a combination of letters, numbers and special characters when possible. Augenbaum also urges people to use different passwords for different accounts and to never under any circumstances click on any links from people you do not know.
“Almost every computer intrusion case that I have seen involving a significant loss of $75,000 and up has involved someone clicking a link that they shouldn’t have clicked,” Augenbaum said. “In most cases, the chances of us getting back what was taken are almost slim to none (when overseas crime syndicates are involved), and the chances of us putting someone in jail are extremely challenging.”
The FBI is seeing increase criminal activity involving mobile devices.
“It’s the next big avenue that the cyber criminal will be attacking us on,” Augenbaum said.
The FBI plans to add more agents to its cyber crime division in the coming years.
The next Glankler Brown seminar is likely to take place in October and could focus on the hot topic of the Affordable Care Act and the implementation of Tennessee’s insurance exchange.