FBI Reveals 16 More Suspects In Zotob Worm

Turkish law-enforcement officials have informed the Federal Bureau of Investigation that they've identified 16 more suspects thought to have assisted in the creation of the Zotob bot worm that has plagued IT security staffs for two weeks.

Louis Reigel, assistant director of the FBI's cyber division, delivered the update during a speech to more than 650 cybersleuths gathered in Monterey, Calif., to share the latest high-tech crime-fighting techniques and tools. The High-Tech Crime Investigation Association's annual conference has taken on added significance this year, thanks to the seemingly endless instances of network intrusion, identity theft, child pornography, and online fraud.

The FBI's collaboration with Turkish and Moroccan authorities and Microsoft on the Zotob case underscores the growing need to coordinate global crime-fighting resources to pursue tech-savvy criminals with ever-expanding reach. "Cell phones and the Internet have given criminals international opportunities," Reigel told attendees. "Like business, crime has gone global."

Reigel likened the task of the FBI since Sept. 11, 2001, to trying to replace an aircraft's wing during flight. The bureau has 4,000 active child-pornography cases, has identified 20,000 victims of a scam involving alleged funds being shipped from Iraq by Saddam Hussein's family and one-time associates, and is helping with the Zotob investigation, in addition to its mammoth ongoing counterterrorism efforts. Crimes are increasingly being perpetrated by global criminal networks, spurring the FBI to deploy 50 international attaches whose job is to strengthen ties between the bureau and law-enforcement agencies in some 200 countries.

Reigel also stressed that coordination with private industry is more important than ever as high-tech crimes against companies continue to grow. Warren Kruse, international president of the High-Tech Crime Investigation Association, says that while CIOs are doing plenty in terms of bringing in the latest hardware and software to shore up their defenses, they need to remember the little things, too--including keeping logs running on Internet-facing technologies such as E-mail servers, firewalls, and gateways. "I get calls all the time from organizations that think they had a hacker, and I always ask them, do you have logging enabled?" Kruse says.

Despite what appears to be an uphill battle, the FBI's Reigel says law-enforcement officials are making significant progress. He pointed to the arrest last year of six perpetrators of denial-of-service attacks against some of the world's biggest retailers, which resulted from coordination with the British government. Says Reigel: "Just like the goalie in ice hockey, no one remembers the shots you stopped, only the ones that got through."