The G-man versus the army of zombies

The FBI is no longer two technological steps behind cybercriminals. Agents are infiltrating IRC channels and watching the hackers as they fight a pernicious foe: hackers who turn users' machines into zombies, shut down web servers and extort thousands of dollars.

In part five of his series on Internet crime, PCWorld writer Tom Spring takes a look at how the FBI is investigating criminals who turn unsuspecting users' computers into zombies that unwittingly carry out attacks. In a tip-of-the-iceberg story, Spring writes about a teenager named Jasmine Singh Cheema who attacked more than 2,000 computers, turning them into zombies to launch distributed denial of service attacks on the web servers of his client's competitors.

"If one teenager can jeopardize over a hundred Web sites from his parent's house, imagine what groups of seasoned cybergangs can do," FBI agent Tim Nestor says. DDoS attacks are crimes of extortion, according to Larry Johnson of the U.S. Secret Service. "Hackers are not shy about asking for $20,000 to $30,000 from companies. The [companies] know it's far cheaper to pay the hackers than to get knocked offline and lose hundreds of thousands of dollars in lost business."

Cybercrime is the FBI's #3 priority, behind terrorism and counterintelligence, and the agency has 16 cybercrime labs around the country.

Cybercriminals have been technologically two steps ahead of law enforcement for a long time. But that may be changing, according to Robert Villanueva, a criminal investigator within the U.S. Secret Service. "Hackers used to think they couldn't be touched on IRC channels and using VPN networks," Villanueva says. "We know they are out there, and we are infiltrating their groups and taking notes."

In the future, FBI special agent Nestor says, attacks will get more sophisticated. "It's a cat-and-mouse game. It always has been. As soon as we figure out who the bad guy is and how he operates, the cybercrooks come up with something new."