Security News > 2000 > February > FBI Views Hackers as Racketeers

http://www.apbnews.com/newscenter/internetcrime/2000/02/16/hackers0216_01.html WASHINGTON (AP) [2.16.00] -- The nation's top law enforcement officials today described "fast-developing leads" in finding the electronic vandals who shut down major Internet sites last week. But they also acknowledged serious challenges in the manhunt, saying the hackers were sophisticated enough to falsify their digital fingerprints. Attorney General Janet Reno said such a disguise technique "makes it difficult, and sometimes impossible, to hold the perpetrator criminally accountable." "I would simply say that we are taking the attacks very seriously and that we will simply do everything in our power to identify those responsible and bring them to justice," Reno told a Senate panel. FBI Director Louis J. Freeh, who also testified, said there were "fast-developing leads as we speak, and hopefully we can provide more details in coming days." He said FBI field offices in five cities have opened investigations into the attacks: Los Angeles, San Francisco, Atlanta, Boston and Seattle. More agents in other cities and overseas are also involved. A coordination problem Reno and Freeh also conceded important shortcomings in coordinating the myriad government agencies and public and private experts who help investigate high-tech crimes. "We're not doing so good," admitted Freeh, adding that cooperation was improving. The FBI also urged Congress today to consider expanding use of federal racketeering "RICO" laws -- traditionally used against the Mafia and drug cartels -- to apply against organized and persistent hackers. It also urged Congress to lower the $5,000 minimum in damages that victim companies must suffer before attackers can be prosecuted under federal computer crime laws. Freeh said lawmakers should consider "whether some of this activity, which goes beyond a single episode of fraud or hacking, gets into the realm of enterprise criminal activity." "RICO was intended to get gangsters," said Jennifer Granick, a California lawyer who has represented hackers. "Now, it's getting a bunch of kids in black concert T-shirts." Freeh said hackers in many of last week's attacks falsified the Internet addresses of the computers they used, "meaning that the address that appeared on the target's log was not the true address of the system that sent the messages." 'An insidious, organized attack' EBay Inc. disclosed new details today about the Feb. 8 electronic assault launched against it, which shut down the world's largest online auction site for 90 minutes. Similar attacks disrupted other major commercial sites, including those of Yahoo, Amazon.com, Buy.Com, CNN and E*Trade. EBay's lawyer, Robert Chestnut, described an "insidious, organized attack" that was "obviously well planned." The attackers flooded eBay's site with 10 times its normal incoming data, transmitting a specific type of information identical to that used against Yahoo on Feb. 7. Chestnut told the Appropriations Subcommittee on Commerce, Justice, State and Judiciary that eBay also was attacked the evening of Feb. 9, but engineers were able to repel the second attack quickly. The FBI is contacting several hackers, known by their online nicknames. The bureau would not say whether its agents have talked with any suspects, but it appeared some interviews have begun, hacker sources said. Transportation Department sites hit The testimony from Reno and Freeh followed President Clinton's meeting Tuesday with technology experts about ways to improve Internet security. Participants said that during the talks, industry leaders urged the government to lead by example by making its computer systems secure. But overnight Tuesday, a hacker vandalized at least four Web sites at the Transportation Department, including the page for the agency's information officer, George Molaski. Those attacks were first noted by Attrition.Org, acomputer security Web site that records such hacks. The computer breached by the hacker "was in the process of being fixed," Molaski said today. "Unfortunately, they got to it before we closed that door. It was a relatively simple vulnerability." Also today, House Commerce Chairman Tom Bliley, R-Va., criticized "highly vulnerable" computers at the Environmental Protection Agency (EPA), urging it to shut down its Internet connection immediately, citing an unreleased report by the General Accounting Office. EPA spokesman David Cohen said the agency has no plans to disable Internet access, adding that experts there have taken steps to strengthen security of computers with sensitive information. --------------------------------------------------- "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen. Alfred. M. Gray, USMC --------------------------------------------------- C4I Secure Solutions http://www.c4i.org *=================================================* ISN is sponsored by Security-Focus.COM

News URL

http://www.apbnews.com/newscenter/internetcrime/2000/02/16/hackers0216_01.html