FBI Stumped By Hack Attacks Investigation Into Web Site Shutdowns Is A 'New Challenge' Civilian Computer Experts Come to Bureau's Aid High-Tech Evidence Is Harder To Come By WASHINGTON Wednesday, March 08, 2000 - 07:31 PM ET CBS (CBS) The Federal Bureau of Investigation is still looking for the hacker, or hackers, who shut down some of the biggest Web sites on the Internet last month.

It is highly unusual for the FBI to admit that it's been stumped by a case, CBS News Correspondent Jim Stewart reports, but that's close to what Director Louis Freeh admitted recently when asked about the latest wave of Internet attacks. "We're doing not so good in the cyber-crime and cyber-terror area, only because this is a new challenge," Freeh explained.

In FBI-speak, "not so good" actually means pretty bad -- so bad, in fact, that the bureau is seeking outside civilian help on an unprecedented scale. Young, private cyber-security companies who are protecting corporate systems, like Global Integrity in Reston, Va., are stepping in to help train agents in the new science.

Private consultants, like John Vranesevich, tell CBS News the bureau is practically having to re-invent how its investigates these new crimes.

"We saw them move kind of slowly at first," he says. "They continue to move what I would call slowly, but diligently. They're being very careful with this new type of evidence they're having to gather."

At violent crime scenes, evidence may even include the suspect's own blood. Cyber-crimes like the recent attack on the Internet sites eBay and Etrade, however, leave behind only a string of computer code that may -- or may not -- help lead back to the person who wrote it.

There is some physical evidence the bureau can look for, and the suspect's actual computer tops the list. Its hard drive, which is the brain-like memory of the machine that records everything written on it, could be a rich source for evidence. But to get the actual machine you first need an actual suspect.

And the FBI's largely doing that, say analysts, the old fashioned way. The bureau is monitoring the Internet to see if anyone brags about the attack, talking to sources, and hoping someone turns snitch.

According to Global Integrity's Morgan Wright, "With old fashioned crime or electronic crime, you've still got someone behind the keyboard. You still got someone behind the burglar tool that is breaking into the shop. There is still a body involved somewhere."

But just where is the mystery. Civilian and FBI experts monitoring the Internet say whoever is responsible for the latest attacks is still out there, hidden in the hieroglyphics we call cyber-space.

http://kcbs.cbsnow.com/now/story/0,1597,169659-322,00.shtml

-- Martin Thompson (mthom1927@aol.com), March 08, 2000