Most Americans believe the FBI to be the pinnacle of a law-abiding agency, and for the most part it is. However, in today's highly technical and highly cyber society, the laws and legalities can become more blurred, even for a government agency. This paper examines the actions of the FBI regarding two Russian cyber-criminals and how while some laws and protocols might have been overlooked, these actions were still done for the greater good.
Cyber Crimes and the FBI
The investigative techniques used by the FBI in the case of Vasiliy Gorshkov and Alexey Ivanov were completely legitimate and necessary; moreover, they demonstrated that law enforcement of the United States was prepared to use any means necessary to apprehend these flagrant security risks. "Court papers described the men as kingpins of Russian computer crime who hacked into the networks of at least 40 U.S. companies and then attempted to extort money" (Brunker, 2000). These men were formidable criminals who used the Internet and computers as their weapons of choice to destroy, manipulate and victimize American companies. There's a very strong and very legitimate argument which asserts that the only way to go after such elusive criminals is via the same type of trickery and subterfuge that they engage in themselves. It's very hard to fight fair with criminals who are engaging in the most absolute underhanded practices, particularly ones which involve the Internet, as it's exponentially easier to conceal one's actions and intentions and to be cloaked and buried within the vastness of the expansive Internet.
Part of the uproar which emerged after the actions of the FBI were uncovered asserted that they had behaved in a manner that was potentially unlawful. "According to court documents filed in the case, the FBI and Department of Justice lured two suspected Russian hackers to Seattle with job offers at a fictitious security company. After monitoring the duo's connection to two servers in Russia, the FBI used the suspects' passwords to download incriminating data from those servers" (Lemos, 2001). This was precisely the tactic that was going to be scrutinized in court; though multiple parties were concerned that it might be considered lawful and the repercussions of such an event. For example, "…if it is deemed lawful, the precedent could allow law enforcement and intelligence communities free rein to hack foreign computers. In addition, such a ruling could provide a legal loophole for other countries to break into U.S.-based computers in search of data that could aid their own investigations" (Lemos, 2001). This is a truly formidable consequence and one which many were aware could create truly dire results -- not just for American security, but for all of international security.
Other critics of the FBI accuse them of entrapment: while these hackers were indeed waging a certain degree of terror and victimization upon American companies and engaging in conspiracy, fraud and extortion, they were still disadvantaged young adults looking for a better life. Ivanov hacked from an abandoned factory in Chelyabinsk, Russia. Many critics felt quite justified in accusing the FBI of entrapment as they lured these hackers out of their hiding places with the promise of a better life: a chance to get out of Russia and snag a lucrative job in America. "But Chelyabinsk, a Stalinist burg located in the Ural Mountains, is a pretty bleak place to grow up. The town has twice endured nuclear catastrophe -- an arms plant dumped waste in a local lake for years, and in 1957 a nearby nuclear weapons factory showered the vicinity with 70 tons of radioactive dust -- making Chelyabinsk one of the world's most polluted cities" (Koerner, 2002). As Koerner explains, it's very difficult there to get a job. While this doesn't justify crime or illegal activity, it helps to paint a clearer picture as to how such bright mind like Ivanov and Gorshkov came to be hackers and why they didn't think twice when they were offered a job by an American company straight out of the blue.
Many naysayers felt that Ivanov and Gorshkov were lured to the United States and then led to entrapment, a tactic which should be considered illegal. However, such a viewpoint is just sanctimonious and a truly narrow interpretation of the law. In the age of cyber crimes, luring criminals out from their hiding places is essential. It's almost one of the only ways to catch them. Even though some say the FBI was engaging in a method of attack that bordered on illegality, others need to rightly praise it for being clever, being nuanced and more than anything, being effective. Furthermore, the FBI agents were upfront with Ivanov and Gorshkov about what the job would entail -- they needed hackers. One could argue that Ivanov and Gorshkov, being the cyber criminals that they were, should have been more wary of companies like the fake "Invita" that the FBI created, trying to lure them out from under their cloaks, asking to hire them for services which are precisely illegal. There was clearly a certain amount of arrogance present with these two hackers and it was an arrogance that the FBI cleverly exploited. The position entailed "a few good hackers who could break into the networks of potential customers as part of an effort to persuade those companies to hire Invita to keep hackers out. Ivanov was familiar with the tactic" (Jahnke, 2005). The intelligence of this mission is clear: this was a simple hacking task. Not only would these hackers be competent in completing this task, they'd be eager to show off their skills in other areas: "agents posing as Invita officials asked the men to demonstrate their prowess on a computer outfitted with "sniffer" software to record every keystroke. After arresting the men, the agents used account numbers and passwords obtained by the program to gain access to data stored on the pair's computers in Russia" (Jahnke, 2005).
Some argue that the FBI went "off the reservation" because agents in America were afraid that a colleague of these agents might annihilate the original computer in Russia, the agents thus downloaded the evidence to their computers before getting a search warrant (Jahnke, 2005). While this may have been a violation of protocol, the agents had no choice. To not download those documents would have risked the success of the entire project. Those who argue that such actions were unethical don't have a clear understanding of how high the stakes of this particular situation were.
You’re 74% through this paper. Sign up to read the full paper.
Sign Up Now — Instant Access Already a member? Log inAlways verify citation format against your institution’s current style guide requirements.