FBI agent explains motivations of cybercriminals
Aug 31, 2017 09:45AM
By Jana Klopsch
FBI Special Agent James Lamadrid discusses cybercrime at a luncheon for the South Salt Lake Chamber of Commerce. (Ruth Hendricks/City Journals)
On July 27, the South Salt Lake Chamber of Commerce hosted a luncheon for other chambers in the area at the Jordan Valley Water Conservancy District in the Conservation Garden Park.
James Lamadrid was the featured speaker. Lamadrid is a cybersecurity supervisory special agent with the FBI. During the eight years he has been there, he has investigated criminal and national security computer intrusions. He manages the Salt Lake City cyber task force, which consists of FBI task force officers, computer scientists, intelligence analysts and administrative staff.
The FBI has three priorities in the cyber area. The first is to protect the US against terrorist attacks. After 9/11, the focus shifted from criminal investigations to counterterrorism. The second priority is counterintelligence against espionage, such as the theft of US secrets or weapons systems designs. The third priority is where Lamadrid’s team comes in: cyberattacks by criminals, overseas adversaries, and terrorists.
The mission of the FBI cyber division is to identify, pursue and defeat cyber adversaries targeting global US interests through cooperation and partnerships with national security and law enforcement organizations.
Lamadrid said that the FBI has limited resources and can’t do it alone. They partner with the Utah Department of Public Safety to investigate cybercrimes.
“It’s not like on the TV show ‘Criminal Minds’ where the computer analyst can pull up information instantly and you solve the crime in 30 minutes. It takes weeks, months, even years to complete these investigations because you have to follow the process of the law.”
Lamadrid discussed the motivations of cybercriminals. The first is “hacktivism,” which is when a hacker wants to push for political or social change, or doesn’t agree with your ideology.
A local example of this happened in 2012, when a Utah state senator was trying to get a law passed under which a person caught with graffiti paraphernalia could be cited by police for graffiti. A hacker, who didn’t like that law, targeted her and the Salt Lake chief of police’s website and shut them down.
“The hacker, who lived in Indiana, was eventually caught and arrested,” said Lamadrid. “In emails he had called himself ‘the gingerbread man’ because he thought he couldn’t be caught. An FBI agent on the squad who caught him was later called ‘the gingerbread man catcher.’”
The second motivation is crime: hacking done for financial gain. This is the bulk of what the FBI sees.
The third motivation is insider threat, when someone inside the organization hacks for personal gain or for ideological reasons.
“If you have a business with computer staff, remember that they have the keys to your kingdom,” continued Lamadrid. “They could take the information and sell it on WikiLeaks. You should be aware of unusual activity by anyone in your organization, such as someone coming in early, staying late, or accessing folders they don’t need to. It should raise a red flag that you investigate.”
The fourth motivation for cyberattack is espionage, which is the stealing of state secrets or proprietary information. Nation-state actors that are frequently involved in this are North Korea and Russia.
A fifth motivation is terrorism. People have tried to take down the US electrical grid. The first bona fide network terrorist attack was when Russia shut down Ukraine’s network, which caused lights out around Christmas in 2015.
Finally, warfare is a motivation that can involve cyber network attacks.
Common targets of hacking are the healthcare sector, the financial sector and government databases. “Four million dollars is the average total cost of a data breach in large companies,” said Lamadrid.
Point-of-sale breaches are huge now. Criminals can place another device over a company’s point-of-sale device, where you swipe your credit card, to capture that information.
Another growing problem is ransomware, or data-napping, in which your data is held hostage until you pay a ransom. The criminal encrypts your data: the files are still on your computer, but you can’t open them. If you pay the ransom, the criminal may or may not send you a key to unlock those files. Payment is usually demanded in Bitcoin, a digital currency that is hard to trace.
The main way to avoid paying a ransom is to back up your files regularly. The FBI recommends that you don’t pay the ransom since it offers an incentive for other criminals to get involved in this type of illegal activity.
In May 2000, the Internet Crime Complaint Center, or IC3, was established by the FBI as a place to receive complaints. Go to www.Ic3.gov to report an Internet crime.