Content

Is the FBI’s Cyber Most Wanted List really helping catch bad guys?

In the days before the internet, television and radio spread information like wildfire, putting up a wanted poster was the only method law enforcement had to let the public know it was hunting for someone.

This technique is still used today. The FBI retains and active Ten Most Wanted list along with another web page that is probably not as well known nor as effective called Cyber's Most Wanted.

Like the Top Ten, the Cyber list contains headshots of known cybercriminals describe their general appearance, hometown, birthday, but unlike the better known criminal list the cyber gangsters are unlikely to be spotted using the supplied information. Which was designed so someone taking a trip to the supermarket could spot a bad guy and call the police. But now, unless that supermarket is located in Beijing, Syria or Moscow this information is worthless.

This is the 21st Century, help wanted posters from the 1850s just won't cut it.

 

Here are a few suggested updates.

How about throwing a few local boys onto the list? Now, I've been called overly patriotic, nationalistic and possibly even isolationist by some people, but my love of the Red, White and Blue is not the reason I am making this suggestion. I want to at least harbor the illusion that I might run into a world-class hacker or cyberspy at GameStop and reap the $100,000 reward.

How am I going to help capture Syrian Electronic Army member Firas Dardar? His last known address is in Syria. Same holds true for Wen Xinyu. The FBI lists him as an officer with the People Republic of China's Third Department of the General Staff Department of the People's Liberation Army (3PLA), Second Bureau, Third Office, Military Unit Cover Designator (MUCD) 61398. Hell, I don't even understand his title so how can I find him. My other though it how does that fit onto the business cards he hands out at DefCon, which is possibly the only place he could be spotted?

Sure, the wanted posters use standard identification practices such as height, hair color, tattoos, along with where they were last spotted.

But for tracking cybercriminal wouldn't it be better to list which Dark Web forums he frequents, what type of malware is preferred and maybe some of the tells they might leave behind in the code they write?

On the bright side the FBI does list some of their “handles” that they go by. For example Evgeniy Mikhailovich Bogachev is also known as lucky12345," "slavik," "Pollingsoon” and Mohammad Sagegh Ahmadzadegan also operates under "Nitrojen26," and "Nitr0jen26."

So, while I applaud the FBI's initiative I think it needs to rethink the methodology being used taking it well beyond the semi tongue-in-cheek thoughts mentioned here.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.