Share This Page

Hickton: Bringing hackers of Pittsburgh companies to trial not impossible

| Wednesday, June 4, 2014, 11:24 p.m.
Guy Wathen | Tribune-Review
David Hickton, middle, U.S. Attorney for the Western District of Pennsylvania, is flanked by Scott S. Smith, left, Special Agent in Charge of the FBI's Pittsburgh Division, and J. Keith Mularski, FBI Supervisory Special Agent, during a press conference at FBI Headquarters in the South Side on May 20, 2014.
Guy Wathen | Tribune-Review
David Hickton, middle, U.S. Attorney for the Western District of Pennsylvania, is flanked by Scott S. Smith, left, Special Agent in Charge of the FBI's Pittsburgh Division, and J. Keith Mularski, FBI Supervisory Special Agent, during a press conference at FBI Headquarters in the South Side on May 20, 2014.
fbi.gov
Evgeniy Mikhailovich Bogachev is on the FBI's Cyber's Most Wanted list for his involvement in the cyber scheme that infected about a million computers worldwide with 'Zeus,' a software that was used to steal more than $100 million.

Bringing Chinese and Russian hackers to trial in Pittsburgh will not be easy, but U.S. Attorney David Hickton told the Tribune-Review on Wednesday he rejects the idea that it cannot be done.

“We're going to use every legal and diplomatic means we can to bring them to justice in this building, in this courthouse,” said Hickton, who represents the Western District of Pennsylvania. “I believe it will be harder to do than if they lived in Western Pennsylvania; I accept that. But it is not futile. And it's an effort we're going to undertake.”

Hickton talked with the Trib two days after charging Russian hackers with infecting as many as 1 million computers around the world and stealing more than $100 million with online attacks.

Two weeks earlier, Hickton was in Washington to indict Chinese military hackers for stealing computer secrets from U.S. companies, including some in Pittsburgh.

The cases represent a shift in policy toward building criminal and civil cases against foreign hackers — and going public with the accusations. Legal experts said that puts criminals and foreign countries on notice.

Hickton agreed: “By bringing the criminal charges, we've signaled that we're escalating our effort to protect people from cyber crime.”

The cases pressure foreign governments to take computer security more seriously, said Joseph DeMarco, former head of the cyber crime unit at the U.S. Attorney's Office in New York.

“It does tend to signal to our adversaries that we will use all of the tools at our disposal to shame them into having to take account of what they did,” said DeMarco, whose law firm, DeVore & DeMarco, specializes in Internet and privacy matters.

Though the prosecutions are a first step, the United States will have difficulty convincing China and Russia to hand over the accused, said David Thaw, a cyber law expert at the University of Pittsburgh School of Law.

“It has a signaling effect of showing that the U.S. continues to be serious about cyber crime enforcement and that it will treat all criminal activities — regardless of whether they are individuals, organized crime or state-sponsored — as valid targets of prosecution,” Thaw said. “In these particular two cases, it probably stops there.”

Hickton told the Trib he chose to pursue the cyber cases even though federal investigators did not know whether they would “have enough fuel in the tank” to bring charges.

He said the focus on cyber crimes could affect the number of other cases his office handles. At one point, 20 percent of the lawyers in his office were working on criminal and civil cyber cases.

“I thought it was worth the risk, because I believe this is the new frontier of crime,” Hickton said. “Even if we didn't get to the finish line, like we did, it was still worth the effort for the greater good.”

Speaking separately in Pittsburgh on Wednesday, former CIA Director and Secretary of Defense Leon Panetta called cyber attacks one of the most pressing threats against national security. He said the threat extends beyond criminals to include terrorists.

“We're living with a battlefield of the future,” Panetta told members of the natural gas industry in the David L. Lawrence Convention Center, Downtown.

As CIA director, he was told the country endured 100,000 cyber attacks a day.

Hickton said he hopes other countries will take a more active role in policing online crimes, as computer attacks have become a big, international problem. To neutralize the Russian hacking schemes, his office worked with officials from 12 countries and the European Union.

In response to the indictments, the United States asked China and Russia to help apprehend the suspects. Hickton said those talks are “fluid” and declined to comment on specifics.

“Everybody has an interest in following the rule of law, with regard to intellectual property and use of the Internet,” he said.

Andrew Conte is a Trib Total Media staff writer. Reach him at 412-320-7835 or andrewconte@tribweb.com. Staff writer David Conti contributed to this report.

TribLIVE commenting policy

You are solely responsible for your comments and by using TribLive.com you agree to our Terms of Service.

We moderate comments. Our goal is to provide substantive commentary for a general readership. By screening submissions, we provide a space where readers can share intelligent and informed commentary that enhances the quality of our news and information.

While most comments will be posted if they are on-topic and not abusive, moderating decisions are subjective. We will make them as carefully and consistently as we can. Because of the volume of reader comments, we cannot review individual moderation decisions with readers.

We value thoughtful comments representing a range of views that make their point quickly and politely. We make an effort to protect discussions from repeated comments either by the same reader or different readers

We follow the same standards for taste as the daily newspaper. A few things we won't tolerate: personal attacks, obscenity, vulgarity, profanity (including expletives and letters followed by dashes), commercial promotion, impersonations, incoherence, proselytizing and SHOUTING. Don't include URLs to Web sites.

We do not edit comments. They are either approved or deleted. We reserve the right to edit a comment that is quoted or excerpted in an article. In this case, we may fix spelling and punctuation.

We welcome strong opinions and criticism of our work, but we don't want comments to become bogged down with discussions of our policies and we will moderate accordingly.

We appreciate it when readers and people quoted in articles or blog posts point out errors of fact or emphasis and will investigate all assertions. But these suggestions should be sent via e-mail. To avoid distracting other readers, we won't publish comments that suggest a correction. Instead, corrections will be made in a blog post or in an article.