WASHINGTON — Secret Service investigators say they are close to gaining a full understanding of the methods hackers used to breach Target's computer systems in December.
But the agency says it could take years to identify the criminals who stole about 40 million debit and credit card numbers of Target shoppers, and other personal information from as many as 70 million people.
And it may take even longer to bring the offenders to justice. The federal investigation is complicated by the international nature of high-profile digital heists. The perpetrators are likely located overseas, which makes extradition and prosecution difficult. As a result, the Secret Service is focused on monitoring the online activities of its suspects, in hopes that they'll be able to arrest them at an opportune moment, says Ari Baranoff, an assistant special agent in charge with the Secret Service's criminal investigative division.
Target says it can't yet estimate what the breach will cost the company, but some analysts put it at close to a half-billion dollars. The total cost of the breach —which also would include losses incurred by banks, consumers and others — could easily reach into the billions of dollars.
Target, which is in the midst of its own investigation, has said very little about how the breach happened, except that it believes the thieves gained entry to its systems by infiltrating computers owned by one of its vendors, thought to be a Pittsburgh-area heating and refrigeration business.
Baranoff couldn't speak specifically about the federal investigation into the Target breach, since the case is ongoing, but he talked candidly about the growing threat of large-scale, financially motivated cybercrimes and the Secret Service's efforts to stop them.
Behind every major breach, there's usually a team of highly specialized cybercriminals who mainly know each other through online nicknames and reputations. Most aren't motivated by politics, Baranoff says, just greed.
If the hackers do invest in anything, it's their own operations. An increasing number are building their own server farms, sometimes leasing space to other criminals, making it harder for law enforcement to track them down.
Further complicating matters, Baranoff says the vast majority of high-level cybercriminals tend to be Russian speakers based in former Soviet and Eastern European countries, which largely puts them out of the reach of U.S. authorities.