Hacker investigator: We won't stop
The FBI and U.S. Department of Justice are currently engaged in one of the most far-reaching hacker crackdowns ever -- an investigation that the government says has international implications. And some hackers have reacted in kind, hitting government sites hard with cyber graffiti and denial-of-service attacks.
With the hack attacks and government investigation continuing, CyberCrime's Luke Reiter spoke to U.S. attorney Paul E. Coggins, the Dallas-based lawman spearheading the federal investigation.
Reiter: Tell us what you can about the warrants you've executed and the status of your investigation.
Coggins: We've executed 16 warrants in 12 different locations, and some of those locations are in Texas, and most of them are outside Texas. In connection with the execution of those warrants, all we've specified is that it relates to a far-reaching hacking investigation that, by the nature of these investigations, they take time to develop, because once you get the computer, obviously, you've got to analyze what's on the computer, and that does take the FBI, generally, in the neighborhood of months. Right now, all of the search warrants are sealed, so we're really not at liberty to talk about who received the search warrants or what was specified on the search warrants, other than to say there were 16 search warrants served in 12 different locations by the FBI.
Reiter: This is a very far-reaching crackdown, wouldn't you say?
Coggins: I'm not aware of any crackdown that's been bigger than this. We've had hacker cases before in our office; this is the broadest and most comprehensive one we've had. We're obviously working with Washington on this. No one's been charged with anything. This is an ongoing investigation. Obviously, the crashing of the Web sites complicates the investigation, because it's an additional federal offense that we're now looking at.
Reiter: What would justify, or spur the government on to, such a comprehensive crackdown?
Coggins: This is a serious investigation. There's been a lot of effort put into it. It's been going on for about a year, prior to the execution of the warrants. Obviously, whenever you get a warrant, in the federal system, you have to go to a magistrate and justify the search warrant, which we were able to do here. It will take us, I think, many, many months to determine where we're going to go with this investigation. In other words, is there enough to charge? If so, will it be one charge, or will there be investigations spun off to other districts?
We're working with other districts here, because some of the search warrants were executed outside the state of Texas. And nobody can answer those questions. We couldn't answer those questions now, except to say, we had quite a bit of information prior to the execution of the search warrants, because this investigation has been going on for a year.
Reiter: It's been reported that a hacking group called Global Hell was, in large part, the target of many of these raids. Is that true?
Coggins: We have not identified any groups or any individuals, because that would be identifying what's on the search warrants, and the search warrants are still sealed. So, really, I'm not going to be able to specify for you who we're looking at, or what we're looking at, beyond saying hacking crimes.
Reiter: Was this a shotgun law-enforcement approach to try to gather information, or are these warrants targeted at specific individuals about whom you had particular information?
Coggins: Well, anytime we have a warrant, we have to go to a federal magistrate, basically, and make a showing that not only is there reason to believe a crime has been committed, but that evidence of the crime will be contained in this computer. So, obviously, we had to make that showing to the magistrate prior to executing the search warrants. Now we're in the process of reviewing the evidence that we're gathering. And only after all that evidence, and more, has been reviewed -- because this is an ongoing investigation, you know, there will be additional steps taken in this investigation -- will we be able to make a statement that these charges are going to be brought against these individuals. And sometimes things will turn out that it will be one charge against a number of individuals spread across many different states -- and sometimes many different countries, by the way, because there are international ramifications to this investigation -- and sometimes it turns out that we spin off a number of different indictments. So instead of one indictment, we have three or four different indictments. What looks like one group turns out to be three or four different groups doing this. So, we really aren't going to be able to answer those kind of questions until we are able to come forward with an indictment in the case.
Reiter: There has been, in essence, a declaration of war by some hackers. Do you guys accept the declaration of war? How do you view this?
Coggins:We view it this way. Number one, for individuals who have either done this, or are contemplating this, the best advice we can give you is to cut it out. Don't do it. Because, if you think, number one, that it's going to cause the FBI or our office to back down, it won't. All it does it give us an additional charge to investigate -- an additional crime to investigate -- because intentionally causing the failure of a Web site is a federal felony. It will be investigated, we will catch a number of these people, they will be sentenced, and probably sent to jail for this. So, if there are people out here listening to this, who think this is a game, and it's cat and mouse, don't throw away your life by getting involved in committing a federal felony. So, in terms of do we accept the challenge? We don't look at it as a challenge. We look at it as a crime that is there to be investigated, and clearly, will not deter us from doing our job, which is to investigate these hacking allegations.
Reiter: Does it seem to you that there is a war in their minds, at least?
Coggins: Clearly, we've had cases in the past, where Web sites have been shut down by people out of retaliation or revenge -- sometimes for something a reporter has said or done. The motive behind the shut down of the Web site is really irrelevant in federal law. In other words, if we're able to prove that such person shut down a Web site because he wanted to take revenge against the government, that will in no way mitigate the sentence, but in fact, may even aggravate the sentence.
Reiter: Have you stepped up your investigation to include the hacks of the FBI site, Senate site, and some of the other government sites that have been recently targeted?
Coggins:I can tell you this: The Department of Justice and the FBI have been actively investigating those, and will actively investigate those. So, the answer to that is, yes.
Reiter: Do you have reason to believe that some of the people you've targeted already may have been involved in those (hacks)?
Coggins: We don't know that at this point, and I really wouldn't want to speculate. I mean, obviously, we can sit here and speculate about motives, and clearly, revenge and retaliation often enter into these kinds of offenses. But we don't know that, and there could be copycats out there acting as well. So, the bottom line is, we're going to wait and see what develops, we're going to try to make cases against those who shut down the Web sites, and we'll catch some, and they will be prosecuted under federal law.