The FBI’s Most-Wanted Cybercrooks
The agency’s list is growing as foreign hackers continue to attack the U.S.
For more than 60 years, the FBI has kept a list of its top 10 most-wanted fugitives. The idea took root in the bureau when a reporter asked the FBI in 1949 for a list of the “toughest guys” it was looking for, and published the list in the Washington Daily News, according to the agency. The article captured so much interest that FBI Director J. Edgar Hoover institutionalized the most-wanted list the very next year.
For decades, flyers displaying fugitives’ moody headshots were plastered on the walls of post offices and other government buildings, populated with such infamous men (and just a few women) as Osama Bin Laden, the serial killer Ted Bundy and the bank robber Willie Sutton. The paper flyers have since disappeared, replaced by an online list and a social-media presence that includes Twitter and Facebook pages, along with a “Wanted by the FBI” podcast.
After the FBI started posting its top 10 list on its website in 1996, it decided to widen the scope of the fugitives and cases it publicizes. It’s added a group of pages to its website, dividing fugitives into the crimes they’re wanted for: murder, bank robbery, human trafficking, white-collar crimes and even cybercrime.
An FBI spokesperson said the criteria for inclusion on one of the niche fugitive pages are far less demanding than what it takes to end up on one of the FBI’s two official lists: “Most Wanted Fugitives” and “Most Wanted Terrorists.” When there’s an opening on either of those, the FBI’s 56 field offices submit nominations, which are subjected to several rounds of vetting at headquarters and must finally get a stamp of approval from the FBI’s top executives.
By contrast, any FBI agent can request that a fugitive be added to one of the crime-specific pages. The agency spokesperson said that the visibility that comes with getting added to the public website has been a boon to agents: Telephone and Web hotlines allow anyone to submit tips in several languages, and public tips have led to the capture of more than 70 fugitives that were listed online.
The FBI’s list of wanted cybercriminals is one of the website’s shorter lists, but it may not stay that way for long. Over the course of one week this March, it grew by nearly 50 percent, when two young Syrians were charged for attempting to hack U.S. companies and media organizations. Just two days later, seven Iranians were indicted for coordinating a cyberattack on financial institutions in New York.
As she announced the indictments against the Iranian hackers, Attorney General Loretta Lynch said that the move was a reflection of a “new approach” at the Justice Department of publicly pointing fingers at cybercriminals. The name-and-shame campaign dates back to 2012, when the FBI placed five Chinese hackers on the cyber most-wanted webpage. Most of the people on the list—they’re all men so far—are foreign nationals.
The FBI wasn’t always this willing to publicize its cases. A 1939 Time Magazine article noted that the FBI considered it “undesirable to dignify Public Enemies by listing them.”
But today, there are about 600 cases on the FBI website, according to the spokesperson, and cases are added at a rate of about five a week. (Not every case ends up on the website, the spokesperson said—only those that would benefit from extra publicity.)
Many of the wanted posters include rewards for information that leads to fugitives’ capture—both Syrian hackers have a $100,000 bounty for their arrest, for example—and tips come from sources in the U.S. and abroad. (None of the fugitives on the “Cyber’s Most Wanted” page have been apprehended because of an online tip, however.)
When I asked if placing criminals on an online most-wanted list could backfire by bestowing a measure of notoriety and legitimacy, the FBI spokesperson demurred.
“Generally, the FBI believes that getting publicity is a positive thing, a positive investigative tool for agents,” said the spokesperson. “If they would like it up there, the FBI is willing to do that for them.”
NEXT STORY: NIST looks to reengineer thinking about cyber