How can I report a hacker to the local authorities? I'm in the USA and someone from Norway hacked into my site and changed a lot of data on my site and my database. I'd like to report him if for nothing else to get something on his record so if he does this often he can get some fines or jail time.
His IP is xxx.xxx.xxx.xxx and his company is http://www.getinternet.no/web/
I've never cared to do anything about small hackers before, but this person did damage my site, data and business image. Please post any advice or recommendations. Thank you.
Making false accusations is also a serious matter. Not only is that company a broadband provider so likely to be a customer IP rather than employee, more than likely it is a compromised machine controlled by someone else based anywhere in the world. Have you made a complaint to [email protected]? The FBI have no jurisdiction outside of USA so even if you had any evidence whatsoever you wouldn't be likely to get very far unless it was a serious crime. You are better off putting your effort into fixing the vulnerabilities in your own site.
The FBI will generally not do anything for cases unless there is $5000 of damage. However, that threshold usually puts you at the bottom of a very long list, usually eliciting an interview, some questions, they take the logs, details, etc and forward it to their computer squad. Defacements/hacks of a single site, the fact that the hacker wasn't in the USA and probably hacked your site from a compromised machine makes it much more difficult to track down unless that host is willing to log/capture data and hand it over.
You can try posting details to http://ic3.gov/ or contacting your local FBI office. Archive the logs, any modified files, etc and burn it to a CD/DVD so that you can hand it over. The more analysis you hand over with your report the better, but, don't get your hopes up for them actually doing much to catch a hacker that is most likely outside the USA.
You've got an IP address, but that doesn't mean that the person who (legitimately) had the IP address at that time is the person responsible for the attack on your site? How do you know the system using that IP hadn't been compromised? For all you know, the legitimate user of that IP address may also be (and probably is) a victim?
At the end of the day, if you have an insecure system, it is inevitable that this will happen. If you aren't 100% sure your system is secure, don't publicly expose it to the internet.
Don't get me wrong though, I'm not defending the malicious person who did this, on the contrary, they should be punished to the full extent that the law allows, and I definitely do sympathise with your situation, but I believe your time would be better spent learning how they got in to your system and ensuring it can't happen again, rather than starting a finger pointing exercise, which will almost certainly be fruitless.
Edit: Just saw the answer from @JamesRyan, who should have got the accepted answer to this question IMHO.
The (old and possibly outdated) CERT "Recovering from a System Compromise" document suggests several methods for people in the US, mainly the FBI. It's also worth reading the page for forensic investigation and cleanup strategies.
Here's some good advice about when to call the police if you've been the victim of computer crime:
http://it.toolbox.com/blogs/securitymonkey/tips-and-tricks-episode-one-41613
There's some good advice there by security ivestigator