Sophisticated hacking operations require stalwart security intelligence

December 12th, 2016

Over 100 people were detained or charged in the U.S., U.K., Netherlands and Ukraine in an alleged cyber-crime ring using computer viruses to steal bank-account data and then money. According to a recent article in the Wall Street Journal, an international computer-crime ring reportedly siphoned about $70M in a hacking operation that targeted the bank accounts of small businesses, municipalities and churches. FBI officials detailed a broad probe that included the recent arrests of persons allegedly involved in a network of “mules” recruited for the purpose of moving stolen funds via bank accounts opened with fake names. According to the FBI, the organization running the hacking ring included computer-code writers in the Ukraine, with the mule-network operators spread out over the U.S., U.K. and Ukraine. Victims were mostly in the U.S., though some bank accounts were also targeted in the U.K., the Netherlands, and Mexico. Thieves using iterations of the Zeus computer program managed to steal hundreds of thousands of dollars at a time—a result of focusing on business accounts instead of individual consumers, the FBI said. Investigators claim that the operation could have led to losses nearing $220M, but many of the intended transactions were not completed.

Since emerging in 2007, the Zeus software, or “malware”, has become the weapon of choice for most cyber bank robbers, according to experts. The software has been updated multiple times, becoming more sophisticated, and is sold on the black market to criminals. Reports from the FBI cyber division claim that these hackers focused on small and medium-sized businesses because of the technological limitations often found in security systems at smaller companies. FBI assistant director Gordon Snow, also chief of the cyber division, said the probe began in May of 2009 after a number of suspicious bank payment transactions were brought to the attention of FBI agents in Omaha, Nebraska. He has stated that the technical sophistication and scope of the operation made it difficult to investigate and disrupt. Experts have said that the Zeus malware’s staying power could largely be attributed to its business model. Its Russian author, known in the underground by his online handle “A-Z”, has developed a corporate operation complete with licensing agreements and tech support that make it easy to use for the aspiring cyber-criminal. With the recent arrests, experts credit international law enforcement with striking a significant blow to Zeus-intensive operations around the world.

Commercial operations with a substantial number of financial transactions should maintain a constant and consistent vigilance regarding their computer security, to ensure that it remain non-breakable. LTI has the experience and technical expertise necessary to help your company effectively audit its security systems, providing the appropriate system enhancement and monitoring to guarantee that your data stay secure.

Click on the following link for more information on LTI Security services