Hackers, phishers can't get away with it like they used to

SAN FRANCISCO -- In what is shaping up as a breakthrough year, federal authorities have quietly cracked down on some of the biggest Internet crime rings.

Secret Service and FBI operations since January have broken up a huge forum for stolen credit cards and shut down the world's largest spam ring. Investigations have led to indictments of other high-profile spammers and 11 people allegedly behind the computer break-in at TJX and other major retailers.

The FBI and Secret Service do not provide annual cybercrime statistics, but high-profile arrests are significantly up this year, says Shawn Henry, assistant director of the FBI Cyber Division.

Dozens of such actions reflect better-trained agents and prosecutors, stronger laws and more cooperation from crime fighters overseas. Strides in cybercrime fighting are particularly important now because most security experts point out that fraud soars during economic downturns. Cybercrime is an estimated $200 billion market.

For the first time, "It's not a question of whether you will be caught, but when," says Hemanshu Nigam, chief security officer of MySpace who, as a Microsoft executive, crafted a $250,000 bounty in late 2003 that led to the arrest of infamous German hacker Sven Jaschan.

Aiding the crime fighting:

•More resources. Federal agencies have a better understanding of technology and how to infiltrate organized crime groups, especially in Eastern Europe. "The threat is not going away. But our ability to impact the threat has become much better," says Henry.

The Secret Service has ramped up training for its agents, prosecutors and federal judges. About 1,000 agents are trained, significantly more than a year ago. "These investigations take time and expertise," says John Large, special agent in charge of the Secret Service Criminal Investigative Division.

•International help. The feds are partnering closely with peers in Romania, Turkey, Germany and elsewhere. "Romania is the gold standard," says Henry, who laid the groundwork with the country's national police. Working with them, the FBI has arrested 90 people, primarily phishers, this year.

Romanian Prosecutor General Laura Codruta Kövesi has led the effort to prosecute individuals with ties to international organized crime involved in computer and credit card fraud schemes. "The U.S. and their Romanian counterpart agencies are working as partners and colleagues," she says.

Henry says he met with cyberofficials in Moscow in January and that Russian agents are being trained in the U.S. "We think the relationship can be as fruitful as the one in Romania," he says.

•Stiffer cyberlaws. Sentencing guidelines have gotten tougher. "It's easier to get someone locked up," says Keith Schwalm, president of DNK Consulting and a former Secret Service agent who worked on cybersecurity issues. One law in particular has given prosecutors a crime-fighting tool. The Identity Theft Enforcement and Restitution Act of 2008 makes it a felony to damage 10 or more PCs used by or for the federal government or a financial institution.

Tech companies also are more aggressively pursuing criminals with existing laws. MySpace has filed five lawsuits this year against spammers, one of which resulted in a record $230 million judgment for violation of the federal anti-spam law.