As cybercrime rises, so does a new – and successful – breed of cybercops
Cybercrime is increasing, but one new study finds that cybercops have become a lot more effective at discovering data breaches and informing the often unaware victims.
Still, the feds were on the case. A January 2010 Monitor investigative report found that cyberespionage attacks believed to come from China had infiltrated computer networks belonging to at least three global oil giants. But neither Marathon Oil, ExxonMobil, nor ConocoPhillips realized the extent of cyberespionage attacks that hit them in 2008, until the FBI alerted them that year and in early 2009, the Monitor reported in early 2010. Some key oil company data were detected flowing from one oil company computer to a computer in China, according to documents obtained by the Monitor.
Yet amid the criminal debris of 2011 were hints of good news that indicated improvements by the cybercops. Botnets – those networks of enslaved computers forced to send out spam and malicious software that can steal passwords and banking information – were targeted by the good guys, who nailed a bunch of them.
The Federal Bureau of Investigation took down just such a “robot network,” dubbed the “Coreflood botnet.” That worldwide network, created by a Russian cybercrime gang, had taken control of 2.3 million personal computers and sucked up vast amounts of US financial and government data for almost a decade before being targeted for extermination.
Relief also came in the form of a drop in e-mail spam from around 50 percent of all e-mail messages over a three-year span to only about 37 percent last year, the Trustwave report notes. The reason? Federal authorities working with Microsoft joined with university researchers and other security companies to nail the “Rustock botnet,” which was responsible for up to 40 percent of Internet spam.
Meanwhile, the US Secret Service tracked down cybercriminals, including one that went by the hacker alias “f1ex.” Agents, assigned to the New York Electronic Crimes Task Force, learned that f1ex, an overseas hacker with a long cybercriminal track record, was selling stolen credit card account numbers in the US that he had gotten through online forums.
Agents discovered during their investigation that “f1ex” was really Lin Mun Poo, a Malaysian citizen. So in October 2010, an undercover agent met with Poo at a diner in Queens and bought $1,000 worth of stolen credit card numbers. In a second meeting, undercover agents discussed with Mr. Poo setting up a “long term relationship.” Poo was arrested and his laptop hard drive was found to hold 413,000 credit card account numbers with an estimated value of $206 million, according to Hugh Dunleavy, a Secret Service special agent, in an account in the Trustwave report.
On April 13, 2011, Poo pleaded guilty to “Access Device Fraud” and was sentenced last November to serve 10 years in a federal prison.
“There’s no reason why law enforcement won’t get better at what they’re doing,” Mr. Percoco says. “They’re increasing their efforts and we’ll be seeing more of these arrests – which is a good thing.”