MINNEAPOLIS (WCCO) — The White House said Thursday it believes “a sophisticated actor” with “malicious intent” was behind the Sony hack. But a White House spokesman said it won’t blame North Korea.
Over the past few years, there have been several high-profile cyber crimes against large companies, including Target and Home Depot, that have resulted in little, if no, consequences for the criminals.
So, how often do hackers get caught?
Mark Lanterman, C.T.O. of Computer Forensic Services, says he estimates it’s less than one percent.
“You’re looking for a needle in a haystack of needles, if it even exists,” Lanterman said. “The really good hackers understand the evidence they’re generating and they work so they don’t generate that evidence.”
According to the PwC U.S. State of Cybercrime Survey, the FBI told 3,000 businesses last year they’d been hacked.
“Most businesses have either been breached or they don’t know they’ve been breached,” Lanterman said.
He says the “good” hackers rarely leave behind any evidence that would identify them. And even if they do, Lanterman says it usually doesn’t identify an individual or a group.
Often, law enforcement will have to rely on interviews in addition to computer evidence, which can be a huge challenge overseas.
According to cybercrime expert and CBS analyst Brian Krebs, many of the hackers are part of organized crime groups that operate in Russia, Ukraine and Romania.
“It’s going to be very difficult for an officer to get in a squad car to go to Moscow and pick him up, so not many of them are brought to justice,” Lanterman said.
Earlier this year, the Justice Department announced it arrested 90 people in the Blackshades malware case. The investigation took two years, cooperation from 19 countries and hundreds of searches across Europe, U.S. and Canada.
Lanterman says these criminals understand this is high-reward when it comes to money and low-risk in terms of capture, so those are odds they’re willing to play.