This web site was copied prior to January 20, 2005. It is now a Federal record managed by the National Archives and Records Administration. External links, forms, and search boxes may not function within this collection. Learn more.   [hide]
Graphic of a blue block spacer
Graphic of the FBI Seal and U.S. Flag and link to FBI Homepage
Graphic link to FBI Priorities
Graphic link to About Us
Graphic link to Press Room
Graphic link to What We Investigate
Graphic link to Counterterrorism
Link to Intelligence Program
Graphic link to Most Wanted
Graphic link to Law Enforcement Services
Graphic link to Your Local FBI Office
Graphic link to FBI History
Graphic link to For the Family
Graphic link to Freedom Of Iinformation Act Library / Requests
Graphic link to Employment
Graphic link to How Do I..?
Graphic link to Search

Graphic link to Homepage


Graphic link to Submit a Tip
Graphic link to Apply Today
Graphic link to Links
Graphic link to Contact Us
Graphic link to Site Map
Graphic link to Privacy Notice
Facts and Figures 2003


Collage of woman at computerThe FBI plays two very important roles in cyberspace. First, it is the lead law enforcement agency for investigating cyber attacks by foreign adversaries and terrorists. The potential damage to the United States' national security from a cyber-based attack includes devastating interruptions of critical communications, transportation, and other services. Additionally, such attacks could be used to access and steal protected information and plans. The FBI also works to prevent criminals, sexual predators, and others intent on malicious destruction from using the Internet and on-line services to steal from, defraud, and otherwise victimize citizens, businesses, and communities.

The Cyber Division at Headquarters manages investigations into Internet-facilitated crimes and supports Counterterrorism, Counterintelligence, and Criminal investigations that call for technical expertise. In addition, most FBI field offices have specialized cyber squads. Cyber Action Teams or "CATS" are available to assist with specialized expertise anywhere in the world. FBI Regional Computer Forensic Laboratories throughout the country help state and local law enforcement solve cases where evidence is locked in a computer.

The FBI's Internet Fraud Complaint Center (IFCC) operates as part of a cyber-community watch. The self-policing efforts of honest and vigilant Internet users result in potential fraudulent activity over the Internet being brought to the attention of law enforcement through the IFCC. The IFCC does much more than just collect complaint information. It ensures that the information, along with additional investigative information developed by IFCC personnel, is disseminated to the appropriate agencies and that identified fraud schemes are either prevented or mitigated. The IFCC processes and refers all complaints it receives, regardless of the alleged dollar loss. In its first year of operation, the IFCC received 36,410 complaints, resulting in 30,503 valid criminal complaints. The IFCC turns complaints into reports and forwards them to, on average, two or three law enforcement agencies. The referral process has spawned hundreds of criminal investigations throughout the country. The FBI uses the data to identify multiple victims, various crime trends, and same-subject cases, thus initiating the investigative phase of the IFCC's operations.


Cyber attacks can take many forms, including worms, web site defacing, distributed denial of service (DDoS), and physical attacks. These attacks have been increasing at an alarming rate since the rapid growth of the Internet in the 1990's. NET JAM is the code name for a series of DDoS attacks which began on February 7, 2000. This case was investigated by the FBI in Atlanta, Boston, Dallas, Los Angeles, San Antonio, San Francisco, Seattle, Washington, DC, and several Legal Attache offices abroad.

DDoS attacks prevent victims from offering their web services on the Internet to legitimate users. A DDoS attack uses compromised computer networks to flood a victim's computer network with massive amounts of data, overwhelming the victim's computer network and causing it to stop operating.

During the investigation, the FBI determined that the perpetrator resided in Canada, and called upon the FBI's Legal Attache in Ottawa to gain the assistance of the Royal Canadian Mounted Police (RCMP).

On April 15, 2000, the RCMP arrested a Canadian juvenile known as Mafiaboy for the February 8th DDoS attack on CNN in Atlanta, Georgia. On August 3, 2000, Mafiaboy was charged with 64 additional counts. On January 18, 2001, Mafiaboy appeared before the Montreal Youth Court in Canada and pleaded guilty to 56 counts. These counts included mischief to property in excess of $5,000 against Internet sites, including, in relation to the February 2000 attacks. The other counts related to unauthorized access to several other Internet sites, including those of several US universities. On September 12, 2001, Mafiaboy appeared before the Montreal Youth Court in Canada and was sentenced to eight months "open custody," one year probation, and restricted use of the Internet.


The FBI's Houston Field Office initiated Operation CANDYMAN after an undercover agent identified three eGroups (Candyman, Shangri_la and Girls12-16), now called Yahoo! Groups, involved in posting, exchanging, and transmitting child pornography.

Through the issuance of a court order to Yahoo!, the FBI was provided 11,670 unique email addresses which participated in the three eGroups. Subsequent subpoenas, court orders and search warrants uncovered enough information to identify 1,822 domestic and 4,664 foreign subjects.

As of March 4, 2003, FBI field offices across the United States had executed over 608 searches, indicted 131 individuals, arrested 125, and obtained 69 convictions in connection with the Candyman investigation. Sixteen of the subjects arrested have admitted to the molestation of 58 children. Arrests have included teachers, a school bus driver, a fireman, a police and fire commissioner, a Big Brother/Big Sister caseworker and a cheerleading instructor.


In May 1995, the Baltimore FBI Office began an undercover operation-code named "Innocent Images"-to target people who use computers to receive and/or distribute child pornography and to recruit minors into illicit sexual relationships. Since then, the case has grown to become a national FBI initiative that addresses the sexual exploitation of children, particularly through the use of on-line computers. More than 2,000 people have been convicted to date.

In early 2002, a 15-year-old girl disappeared from her home. Her parents contacted the police and reported that their daughter was "on the Internet all the time and could possibly be missing due to Internet enticement." The police requested FBI assistance. Two days later, the FBI received a telephone call from an anonymous individual stating he was on his computer, in a "sadomasochistic" chat room. The individual also stated the subject was bragging and sending real-time photographs of a young female he identified as his "sex slave," who he was allegedly molesting and torturing.

The FBI determined the girl in the photographs was the victim. The Internet Protocol (IP) address of the subject was captured, and the Internet service provider was subpoenaed to obtain the identity and address of the subject. The subject's home was identified.

The local FBI field office, along with the police, responded to the location, made forcible entry, and recovered the victim. No other individuals were located in the residence. The victim was restrained to a bedpost with a dog collar around her neck and a 22' chain with two padlocks. She was clothed only in thong underwear and had visible bruises. She was taken to a local hospital.

The kidnapper was arrested at his place of employment without incident.


Pciture of money and laptopIn August 2000, the Internet Fraud Complaint Center (IFCC) made a referral to the appropriate federal, state, and local law enforcement agencies regarding Jay Nelson, also known as (a.k.a.) Richard Nelson, doing business as Complainants alleged that Nelson was selling computer equipment via Internet auction sites, but ultimately failing to deliver the purchased merchandise. Investigation by the San Jose Police Department determined that Rick Pascale, originally thought to be a subject in an unrelated matter, was in fact one of several aliases used by Nelson. An investigation of Jay Nelson was initiated by the United States Postal Inspection Service (USPIS) in Boston, Massachusetts. In November 2000, a search and seizure warrant was executed at Nelson's residence, at which time several computers were seized. Nelson was subsequently arrested on January 30, 2001, but released on the conditions that he turn over any computers and agree not to use the Internet. On February 14, 2001, Nelson fled town one day prior to his arraignment. Nelson was then placed on the USPIS's Most Wanted List. An investigation determined that Nelson was moving from town to town, staying at each location only long enough to perpetrate a new scam. On July 17, 2001 Nelson was arrested in Kissemmee, Florida. Nelson's Internet fraud scheme victimized over 300 individuals resulting in monetary losses in excess of $1 million. The excellent communications between the IFCC and the USPIS resulted in linking seven separate cases to Nelson.

Short History of the FBI
Working for the FBI
Public Corruption
Civil Rights
Organized Crime
White-Collar Crime
Illegal Drugs
Crimes Against Children
Environmental Crimes
Indian Country
Background Investigations
Law Enforcement Support
Internal Investigations
Facts and Figures Home