As he described various views of cybercrime, an FBI investigator recalled the tale of six blind men and an elephant. Each touches a different part, from the tusks to the tail, and variously describes the elephant as a spear, a wall, a snake, a tree, a fan and a rope.
So it is with cybercrime, he said, describing it as an evolving problem that requires more cooperation among public and private entities around the world if it is to be better understood and effectively fought.
“It’s definitely an exploratory field, and the future is explosive and unknown,” said Michael Briskie, an asset forfeiture investigator in the New York FBI office, speaking on Jan. 11 at the International Conference on Cyber Security at the Lincoln Center campus.
He focused on organized cybercrime, presenting research that he conducted for his master’s degree in economic crime management at Utica College. For his thesis, he studied geographic and demographic trends in cybercrime and their implications for the U.S. financial infrastructure.
He described various difficulties, such as investigations that stall when they lead across state or international boundaries, or that founder because of the distance between victim and suspect.
story continues below
He painted a picture of nimble and opportunistic cybercriminals who have a finely tuned sense of when and how to strike.
“They exploit uneducated users and technology produced by the industry, and they are quickly adaptable to varying and modifying their schemes,” Briskie said, adding that cybercriminals often move to parts of the world where anti-cybercrime laws are poorly enforced or nonexistent.
He emphasized the threat to the banking public: “Everyone does online banking and is susceptible to embezzlement, fraudulent bank loan applications, disruption of e-commerce, compromising banking payment systems, [and]identity theft through account takeovers,” Briskie said.
He found that hot spots for cybercriminals abroad include the United Kingdom, Nigeria, Canada, Romania and Italy; Russian organized crime groups pose a particular threat, along with organizations in Asia, the Balkans, the Middle East and Africa.
Organized crime groups are joining together and coordinating their efforts, he said. Terrorist organizations are teaming up with cybercriminals to launder money and plan attacks on the United States’ financial infrastructure, he said, and noted that Muslim extremists are adjusting their ideologies to justify the use of cyberfraud to fund their attacks.
He said it’s critical for law enforcement agencies worldwide to share information, make greater use of computer forensic principles and tools, and work with public and private organizations and software developers. He noted that software companies have released programs that are ripe for attack because it’s considered more cost-effective to fix the program after it has been exploited.
Current collaborative efforts include InfraGard, involving the FBI and various private entities including business, universities and law enforcement, and the cyber fusion center created by the FBI to bring private and government investigators together. Law enforcement agencies at the federal, state and local levels continue to improve their communications and conduct joint investigations, he said.
He listed the things individuals can do to protect themselves, such as updating their computer firewalls and antivirus and antispyware programs and checking their credit reports more than once a year. Don’t reveal personal information on social networking sites, and look for sites that display a lock symbol or an “https,” he said.
“Don’t trust everything you see. That’s the No. 1 rule,” he said.