[ISN] Mobs Turn Net into Money Machine

From: InfoSec News (isn@private)
Date: Wed Oct 08 2003 - 07:49:31 PDT

  • Next message: InfoSec News: "[ISN] Windows & .NET Magazine Security UPDATE--October 8, 2003"

    http://www.wired.com/news/technology/0,1282,60735,00.html
    
    Reuters
    Oct. 07, 2003
    
    LONDON -- Organized crime syndicates have stepped up their presence on
    the Internet, operating extortion rackets, child-pornography rings and
    elaborate financial scams, Britain's top cybercop told Reuters.
    
    And the most vulnerable target is the individual Web user, said
    Detective Chief Superintendent Len Hynds, head of the U.K.'s National
    Hi-Tech Crime Unit, or NHTCU.
    
    "Organized crime is turning to the weakest element in the chain, which
    is the people. It's the hands on the keyboard on either end of the
    transaction that is the actual weak point," Hynds said.
    
    The crime syndicates, he said, are based in every corner of the globe.  
    Investigations have led the NHTCU repeatedly to Eastern European
    countries, including Ukraine, Russia and Latvia.
    
    The groups have honed their Internet skills as a greater flow of
    business is conducted online.
    
    "Organized crime in all its guises is extremely flexible. It does spot
    the new and lucrative opportunity," Hynds said.
    
    In the NHTCU's two-year existence, the 55-person task force has made
    nearly 110 arrests for such age-old crimes as blackmail and extortion
    as well as decidedly high-tech computer hacking cases.
    
    Law-enforcement officials throughout the world suspect crime rings are
    recruiting technically savvy programmers to concoct fraud schemes
    against banks and businesses.
    
    An increasingly common scam hitting financial institutions is known as
    "website spoofing," in which a fraudster sets up a bogus online
    business that closely resembles a bank or business website.
    
    The aim is to lure unsuspecting Internet users to the phony site in an
    effort to get them to submit their credit card and bank details. The
    NHTCU said 40 U.K. businesses have been hit by the spoofing scam so
    far this year, up from seven a year ago.
    
    Hacking attacks, once considered the domain of bored teenagers looking
    to prove their Net skills, also have become an increasingly common
    weapon in organized crime's arsenal, said Hynds.
    
    Some have launched "denial of service" attacks -- which consist of a
    crippling barrage of data capable of knocking Net companies offline --
    against Internet service providers and online casinos.
    
    Under such a scenario, the groups threaten to unleash the attacks on
    businesses unless they pay a ransom.
    
    But the most active area for the NHTCU, and similar investigative
    teams, continues to be breaking up child-pornography rings. Nearly
    half of the 110 arrests made by the unit have been for
    pedophilia-related charges, Hynds said.
    
    "We are focusing on the organized groups that are making money out of
    peddling child pornography on the Internet. We are doing that in
    partnership with business and industry," he said.
    
    "We've deployed officers from this office overseas to physically
    remove children to places of safety," he added.
    
    International police forces have been tackling the rise of child
    pornography online with greater success recently. Last week, German
    police said they cracked a global pedophile ring that involved 26,500
    computer users from 166 countries.
    
    The NHTCU also is investigating links between virus writers and
    extremist groups as it prepares defenses for a possible attack. The
    crime-fighting unit has started working with antivirus firms to
    identify patterns in the source code of the most damaging Internet
    worms and viruses to determine whether they are the work of organized
    subversive groups or crime syndicates.
    
    The hope is that buried somewhere in the lines of code will be clues
    to the authors' identities, motives and, possibly, future acts of
    sabotage.
    
    Of the dozens of viruses and worms that emerge on the Internet each
    week, none have been traced back to organized crime or subversives
    aiming to disrupt a country's infrastructure.
    
    But as increasingly sophisticated programs surface, law enforcement
    officials are preparing themselves for this type of cyberwarfare.
    
    "It's a tactic that could be utilized," said Hynds. "We've seen
    legitimate programs used in a way which allows people to have remote
    access to compromised systems. And similarly, viruses, Trojans and
    worms can be used by organized crime to launch attacks."
    
    The challenge for law enforcement is in catching the suspects. Police
    have tracked down an increasing number of virus writers lately, but
    creators of the most-damaging outbreaks remain at large and, some
    security officials say, may never be caught.
    
    Some increasingly potent viruses and worms, including this summer's
    Sobig.F virus and Blaster worm, wreaked havoc on corporate and
    government computer systems around the world.
    
    Sobig.F carried a type of Trojan program. A mounting concern among
    security officials everywhere is that a Trojan -- so named because
    they embed themselves on infected machines and give virus writers the
    capability of controlling the computers from remote locations -- could
    bore into a computer network and compromise, say, a police
    emergency-response phone system or air-traffic control system.
    
    A digital attack in isolation would inflict relatively little damage,
    experts say. But should the incident be timed to coincide with a
    physical act of sabotage -- in what security experts refer to as a
    "blended threat" -- the toll could be high.
    
    With security forces on high alert in the wake of the Sept. 11, 2001,
    terror attacks in the United States, response plans to all potential
    acts of sabotage -- digital or physical -- are being reviewed.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomo@private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Wed Oct 08 2003 - 10:59:38 PDT