BusinessWeek on Hacker Hunters

prostoalex writes "You keep hearing about FBI, Secret Service or other law enforcement authorities involved in pursuing international cybercrime gangs, but who are those people and how does the cyberlaw enforcement work? Business Week talks about hacker hunters and people they're after. A large portion of the article is dedicated to describing the global scope of such activities with Russia, Eastern Europe and China leading the ranks for criminal hideouts."

The "H" word

[rbanffy]

Could we please try to restore the word "hacker" a more positive meaning on mainstream media?

Re:The "H" word

[rastakid]

Could we please try to restore the word "hacker" a more positive meaning on mainstream media?

*sigh* Could we just once please stop this endless discussion?

What does it matter what a hacker and a cracker is? As if a programmer gets more attention once the media start to call him a hacker and call the phishers crackers. Also: definitions can change, you know that?

Pfft. They care so much.

[lithium+bandit]

As someone who works in the security field and comes across hacked systems all the time, I'll believe they give a damn when they start returning my calls. Sounds like PR to get someone more funding. Trying to get someone at the FBI to care when you come across bot networks at an ISP, bank, or even a power company is next to impossible.

Re:Pfft. They care so much.

[5cary]

And as one of the "Hacker Hunters" (pffft), I can tell you that it's not the FBI (or any other LE agents) that don't care.

There's *no* point in an agent taking a case or even wasting his/her time returning your call (one of many every day) when he/she already knows that an Assistant United States Attorney (AUSA) won't take the case for prosecution. The threshold set by AUSAs can amazingly high for damages in most cases. Where I work, it is around $50,000 before they'll even talk to you. There's just too much already out there.

Criminal Investigations are all about prosecution. They all have too many cases as it is, all of which they hope to get prosecuted. There's no way an agent will waste their time on an unprosecutable intrusion.

Unprosecutable because:
1) damages don't meet the threshold.
2) the system was unpatched and "invited" the hacker in - I hate this the most.
3) the system was not bannered "..by clicking ok, you agree to give up your expectation of privacy"... - also a stupid reason, but the case law is there.
4) the hostile systems are difficult to obtain evidence from (read: overseas, unfrienldy).
5) the hostile is obviously a script kiddie (stupid warez, IRC, etc.). Experience shows that the effort put forth to go after these idiots is not worth the 30 days probation a juvenile gets in MOST cases - damage dependant.

Experience will tell you what kind of effort your phone call is worth to an investigator. After he delete's your message, there are probably 3 or 4 more waiting to make their own report.

The agency I work for forwards intrusion reports to us via e-mail. I ignore 90% of them. If I responded to them all (or even half), I'd NEVER have the time to go after the important ones. That's life.