How do you protect yourself and your privacy online in an era when cybercrimes are commonplace and becoming more dangerous and sophisticated?
In a recent interview, Assistant Special Agent in Charge (ASAC) Christopher Stangl, the leader of the Federal Bureau of Investigation’s Cyber and Counterintelligence Branch in Newark, discussed techniques to stay safe in cyberspace.
Hillary Viders: What are the most prevalent cyber crimes in the U.S. today?
Christopher Stangl: The majority of cyber crimes that we at the FBI handle typically involve some form of fraud. Within that subset, we see a lot of elder fraud, which is fraud that victimizes our senior citizens. Examples of fraud using the internet include romance scams, lottery schemes, and identity theft. People are generally familiar with the latter.
With romance scams, the criminal is typically hiding behind a phony online profile. The unsuspecting victim begins an online conversation not knowing who the person they are engaging with really is.
The criminal strings along the victim until the victim is invested in the relationship. That’s the point at which the criminal starts to ask for small things—money, a bus ticket to meet—usually after telling a hard-luck story about why he doesn’t have the funds at his disposal. Sadly, by the time the victims realize they’ve been scammed, the criminal has taken a substantial sum of money.
In 2018, more than 18,000 people fell prey to romance and confidence fraud. In one case that we investigated, a man posed as a U.S. soldier overseas and defrauded more than 30 victims out of more than $2.1 million. He was neither a soldier nor overseas.
Another form of cyber crime that we see all too often are those involving children. The predator uses cyber tools—cell phones, the internet—to contact an unsuspecting child and establish a friendship.
Again, the internet allows for a certain level of anonymity. The child does not realize that he or she is being misled. This usually evolves into child pornography but can also lead to child sex trafficking. Parents need to stay engaged and alert when it comes to their child’s online habits. Prevention is the best cure.
One of the more sophisticated types of cyber crimes that we investigate relates to computer intrusion. These involve breaches of companies and individuals to steal intellectual property and then resell it on the dark web on the internet; hold data for ransom; or even worse, compromise our Nation’s security by stealing our most important secrets.
These intrusions may infect computers with a number of viruses.
There’s also something called spear phishing campaigns in which a harmful link is attached to a seemingly ordinary email message. When the recipient clicks on the link, it exposes that computer to intrusion.
Where public and private industry are concerned is with the rise in ransomware. These are sophisticated schemes where the criminal gains access to a company’s computer system in order to encrypt the company’s electronic files. The criminal then holds those files or the keys to the encryption for ransom, demanding that the company pay a certain amount of money in order to regain the files.
The FBI does not encourage that a company pay that ransom. Doing so only emboldens the criminal who will then go on to target other companies on the heels of that success. Instead, we want victim companies to come to us as early as possible and seek our help.
Victims of cyber crime—whether they are a private citizen or a member of private industry—should report the crime to our Internet Complaint Center, or IC3 for short. They can call their local police department, the local FBI office, and can also file online at www.ic3.gov.
HV: When did cyber crimes first begin?
CS: Cyber crimes came into existence and have grown with the advent of the internet in the 1990s and early 2000s. At that time, cyber crimes were committed by individuals who had sophisticated knowledge of the architecture and had tools and capabilities. There were very few individuals who could do this. But, now, you don’t have to be a computer scientist to be able to commit a cyber attack.
HV: Who are the people who are committing cyber crimes nowadays?
CS: As more people have access to the internet, there are more opportunities for exploitation and an increased “attack surface.” The internet provides anonymity and reach, so cyber crimes can be committed by anyone in any location across the world.
Many cyber crimes today involve breaking into and disrupting American companies to steal trade secrets and other sensitive corporate data and also universities for their cutting-edge research and development.
HV: When did the FBI Cyber Division begin?
CS: The FBI’s Cyber Division was established in 2002 to address cybercrime in a coordinated way with specially trained cyber squads at FBI headquarters and in each of our 56 field offices, staffed with agents and analysts who protect against and investigate computer intrusions, theft of intellectual property and personal information, child pornography and exploitation, and online fraud.
HV: How many computer crimes has the FBI investigated?
CS: The FBI has investigated thousands of cyber crimes, and a number of those cases were deemed of such significance that the rapid response and specialized skills of the Cyber Action Team were required. Some of those cases affected U.S. interests abroad, and the team deployed overseas, working through their attache offices and with their international partners. Successful cyber crime investigations typically involve collaboration and coordination with other federal, state, and local partners; private sector partnerships; and frequently coordination with foreign law enforcement counterparts.
HV: How does the FBI respond to cyber crimes?
CS: The FBI can respond with a range of investigative assets, including the Cyber Action Team (CAT). This rapid deployment group can be on the scene just about anywhere in the world within 48 hours, providing investigative support and helping to answer critical questions that can quickly move a case forward.
HV: Can you walk us through how the FBI finds cyber criminals?
CS: The responding investigative team makes an initial assessment, and then call in additional experts as needed. We have partnerships and alliances with other organizations throughout the US and around the world. On site, the team looks for a hacker’s signature, called TTPs—tools, techniques, and procedures. The TTPs usually point to a specific group or person. The hackers may represent a criminal enterprise looking for financial gain or state-sponsored entities seeking a strategic advantage over the U.S.
HV: What are the penalties for cyber crimes?
CS: Cyber crimes can fall under a number of criminal statutes and so there is no blanket answer to that question. Depending on the crime that was committed, whether it is deemed a misdemeanor or a felony, if there are considerable assets lost or destroyed, will affect how the crime is charged and the corresponding sentencing exposure. A misdemeanor usually does not involve a prison term but could attach fines and other penalties. A felony, again, depending on the severity and type of crime, could result in a prison sentence. Often in these cases where money, intellectual property, or other assets are lost, the criminal is ordered to pay restitution to the victim.
HV: Does the FBI come to companies and do onsite cyber assessments to ensure that they are properly protected from cyber crimes?
CS: No. Most of the information in the United States is owned by private industry and the FBI does not have an invasive presence in the private sector unless a breach has been committed. We are not a regulatory agency. That having been said, as I stated earlier, we are working to build and strengthen our relationships within the private sector so that we can better assist should a cyber attack occur. Although the FBI cannot provide advice on how to protect a company’s network, we can provide an overview of the threat landscape to enable private industry to make informed decisions on how to best protect their networks. Establishing trusted partnerships with the FBI before a cyber incident is essential in proactively protecting a company’s network and assisting the government with securing our nation.
HV: What advice does the FBI give companies and businesses that specifically ask for its expertise with their cyber security?
CS: When I meet with companies and organizations, I always refer them to frameworks and standards, such as those found in the NIST (National Institute of Standards and Technology) Cyber security Framework. It an excellent road map to building a secure cyber system that offers five continuous and concurrent steps: identify your most vital assets; protect those assets with a secure plan; monitor your access and controls; have a response plan to a cyber breach; have a recovery plan.
HV: What advice can you give individuals to protect their computers from cyber attacks?
CS: Here are some of the FBI’s recommendations: Set strong passwords; use multi-factor authentication; use anti-virus software; back up important data; install patches and updates; do not click on links from untrusted sources; avoid using public Wi-Fi for sensitive activities; use privacy settings on social media sites; if you are a victim of a cyber crime, contact the local police and the IC3 and submit a complaint; if your banking and/or personal information has been hacked, contact credit reporting agencies and alert your banks.
HV: Does the FBI have special guidelines for children who surf the internet?
CS: I would direct both children and their parents to the FBI’s Safe Online Surfing (FBI-SOS) program. It’s a nationwide initiative designed to educate children in grades three to eight about the dangers they face on the Internet and to help prevent crimes against children. If you go to www.fbi.gov, you will find the Safe Online Surfing website.