1,853 cy­ber­crime re­ports for ’16 in state, FBI says

Northwest Arkansas Democrat-Gazette - - FRONT PAGE - SCOTT CAR­ROLL

Arkansas was the source of at least 1,853 re­ports of In­ter­net crime last year, with cy­ber­at­tacks rang­ing from per­sonal data breaches to gov­ern­ment im­per­son­ation to ex­tor­tion, ac­cord­ing to the FBI.

The re­ports ac­count for a small per­cent­age of the nearly 300,000 on­line crimes the FBI tal­lied na­tion­wide in 2016, but the agency warns that the at­tacks in Arkansas, some of which were car­ried out by hack­ers over­seas, have be­come in­creas­ingly com­plex.

It re­flects a global trend in which hack­ers have used rapidly evolv­ing tech­niques to in­fil­trate gov­ern­ment, busi­ness and per­sonal com­puter sys­tems.

In May, more than 200,000 com­put­ers across the world were re­port­edly in­fected in a cy­ber­at­tack that in­ves­ti­ga­tors traced to a North Korean hack­ing group. Late last month, an­other ver­sion of that at­tack shut down bank­ing and trans­porta­tion sys­tems across Europe, and stretched as far as the U.S. and Aus­tralia, ac­cord­ing to re­ports.

FBI Spe­cial Agent Se­bas­tian Montes said the scale of cy­ber­crime in Arkansas is much smaller, but many of the meth­ods are the same.

“Do­ing some­thing like that is not easy,” he said. “It takes an in­di­vid­ual with a level equiv­a­lent to com­puter sci­en­tists. These folks, they’re very savvy and they have the lux­ury of time.”

The FBI said more than $1.3 bil­lion was lost in In­ter­net crimes and cy­ber­at­tacks in the U.S. last year, the high­est an­nual to­tal since the agency be­gan pub­lish­ing that in­for­ma­tion in 2000.

In its 2016 In­ter­net Crime Re­port, the FBI noted that ran­somware — ma­li­cious soft­ware that blocks ac­cess to a com­puter sys­tem un­til money is paid — has be­come more com­mon. Hack­ers col­lected more than $2.4 mil­lion through ran­somware at­tacks in the U.S. last year, ac­cord­ing to the agency.

Some of that money came from Arkansas, where the FBI re­ceived 12 re­ports of ran­somware at­tacks in 2016.

In De­cem­ber, over­seas hack­ers blocked the Car­roll

County sher­iff’s of­fice and the ARCare med­i­cal group from ac­cess­ing its com­puter sys­tems in sep­a­rate at­tacks.

ARCare re­port­edly re­gained ac­cess to its files through a backup com­puter sys­tem. The FBI said the sher­iff’s of­fice, which did not have a backup sys­tem, paid hack­ers $2,400 in the dig­i­tal cur­rency Bit­coin to re­cover its files.

Montes, who is as­signed to the FBI’s Lit­tle Rock field of­fice, said the agency in­ves­ti­gated the at­tacks but did not have fur­ther in­for­ma­tion.

“The ad­vice that we gave them and we give ev­ery­body is we don’t ad­vo­cate pay­ing the ran­som,” he said. “That’ll only en­cour­age them to do it more. How­ever, the re­al­ity of the sit­u­a­tion is if they don’t have back­ups, they’re out of op­tions.”

The FBI, through its In­ter­net Crime Com­plaint Cen­ter, fielded at least three com­plaints of ter­ror­ism from Arkansas last year.

In one of those com­plaints, ac­cord­ing to Montes, some­one in Arkansas re­ported that a per­son in an­other state was plan­ning to leave the coun­try to “sup­port Is­lamic ex­trem­ism.” Montes said an­other com­plaint of ter­ror­ism that orig­i­nated in Arkansas in­volved some­one in In­di­ana who was plot­ting a mass shoot­ing.

Montes said the com­plaints, which were ul­ti­mately han­dled by FBI of­fices out­side the state, were taken “very se­ri­ously.”

The cred­i­bil­ity of the third ter­ror­ism com­plaint from Arkansas last year was ques­tion­able, ac­cord­ing to Montes.

The FBI said many com­plaints the agency re­ceives are dif­fi­cult to ver­ify, but an even greater num­ber are never re­ported. The agency es­ti­mates that just 15 per­cent of In­ter­net crimes and cy­ber­at­tacks are re­ported to fed­eral au­thor­i­ties.

“There’s a lot of cy­ber­crime that hap­pens in the state of Arkansas that we don’t even know about,” Montes said.

The 1,853 com­plaints of In­ter­net crime in Arkansas last year slightly higher than the av­er­age over the past decade.

The num­ber of an­nual com­plaints from the state has been steady. The amount of money stolen in cy­ber­crimes each year has in­creased, from $1.3 mil­lion in 2007 to $7.9 mil­lion last year.

“There’s no doubt about it that [the crimes] are get­ting more so­phis­ti­cated,” Montes said.

The most com­mon In­ter­net crimes re­ported in Arkansas and across the coun­try last year were non­pay­ment and non­de­liv­ery scams, ac­cord­ing to the FBI. That’s when some­one pays for a prod­uct or ser­vice on­line but never re­ceives it, or when some­one pro­vides a prod­uct or ser­vice but is never com­pen­sated.

The FBI re­ceived 519 of those com­plaints from Arkansas in 2016.

The sec­ond-most re­ported on­line crime in the state last year was the “419/over­pay­ment” scam. That’s the well-known “Nige­rian prince” scheme in which a per­son so­lic­its fi­nan­cial as­sis­tance, of­ten through email, to trans­fer money in ex­change for a por­tion of the money.

The “419” refers to a sec­tion of Nige­rian law as­so­ci­ated with con artistry and fraud.

The FBI re­ceived 169 of those com­plaints from Arkansas last year.

Peo­ple over 60 years old are the most com­mon vic­tims of In­ter­net crime in Arkansas and across the na­tion, ac­cord­ing to the FBI.

Other In­ter­net crimes re­ported in Arkansas last year were not fi­nan­cially mo­ti­vated.

The Is­lamic State ter­ror­ist group hacked the Arkansas Library As­so­ci­a­tion’s com­puter sys­tem last year and posted the names, home ad­dresses and phone num­bers of about 800 of the as­so­ci­a­tion’s mem­bers on­line, ac­cord­ing to the FBI. The hack­ers also posted Is­lamic State pro­pa­ganda on the as­so­ci­a­tion’s web­site.

The hack was re­ported to be among a se­ries of cy­ber­at­tacks that the Is­lamic State group car­ried out against small civil­ian or­ga­ni­za­tions across the coun­try. Au­thor­i­ties said the hacks were more about arous­ing fear than steal­ing data.

Arkansas State Po­lice spokesman Bill Sadler said the agency looked into the hack but left an in­ves­ti­ga­tion to fed­eral au­thor­i­ties.

“Once it gets to that point of in­ter­na­tional in­trigue, we’re go­ing to lean heav­ily on the FBI,” he said.

There was one re­port of “hack­tivism,” il­le­gal on­line ac­tiv­ity aimed at pro­mot­ing a so­cial or po­lit­i­cal cause, that orig­i­nated in Arkansas last year. Montes said the re­port in­volved ac­tiv­ity on the “dark Net,” re­fer­ring to back chan­nels of the In­ter­net that are some­times used to sell and pur­chase il­le­gal goods and ser­vices. He said he did not have fur­ther de­tails on the com­plaint.

Montes said the FBI fo­cuses on stop­ping groups of on­line crim­i­nals who steal large amounts of money from mul­ti­ple peo­ple. He said the agency doesn’t have the re­sources to in­ves­ti­gate most in­di­vid­ual com­plaints. Many of those com­plaints are for­warded to lo­cal or state law en­force­ment agen­cies.

Montes rec­om­mended keep­ing com­puter soft­ware up­dated and back­ing up im­por­tant files to pro­tect against the most com­mon on­line threats. The FBI part­ners with In­fraGard, a na­tional non­profit group, to share cy­ber­in­tel­li­gence with busi­nesses, law en­force­ment agen­cies and other groups to pro­tect the coun­try’s crit­i­cal in­fra­struc­ture against more com­plex at­tacks.

But even In­fraGard has been vul­ner­a­ble to cy­ber­crime. The group’s web­site was de­faced and the per­sonal in­for­ma­tion of its mem­bers was dis­trib­uted in 2011. A hacker group known as LulzSec claimed re­spon­si­bil­ity.

“It’s ex­tremely dif­fi­cult to stay ahead of ev­ery sin­gle threat that’s out there,” Montes said.

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.