http://www.abs-cbnnews.com/storypage.aspx?StoryId=120632 By David Dizon abs-cbnNews.com 2007 Newsbreak Investigative Writing Fellow 6/5/2008 Authorities have been monitoring certain e-groups or "societies" that could be behind big, transnational cyber crimes, and these suspects could be your tech-savvy neighbors or seatmates at an Internet café. Online identity thieves, who used to prefer working alone, have in recent years begun organizing as criminal syndicates, usually in connivance with foreign hacker groups, according to Alex Ramos, a computer forensics specialist of the Philippine National Police. "They don’t fit the typical profile of a criminal. They’re not neglected. Some do it for the fun of hacking and earning a little something. There is also a group of crackers, college boys, who only focus on getting credit card information," Ramos says. Some members being enticed to join these societies are as young as 14 years old, he says. One of the earliest monitoring of hackers’ groups that Ramos conducted started in 1999. It led to some minor arrests, but the core of the syndicate—run by foreigners, in turned out—was busted only in 2007. It turned out, too, that the crime was affecting telecommunications networks worldwide, and would be the biggest to be thwarted by local authorities since the E-Commerce Law was passed in 2000. Ramos earned for it the 2007 Timothy Fidel Memorial Award from organizers of the Computer Enterprise Investigations Conference. Unwitting teen-agers Ramos says the syndicate committed phreaking, which exploited security loopholes to obtain free access to telephone calls at the expense of customers of the Philippine Long Distant Telephone (PLDT). The process involves using a "war dialer" to call different phone numbers and then guessing the pincodes to those numbers in order to freely access the system to make long distance calls. Foreign law enforcers contacted the Philippine government in 2001 about an upsurge in online anomalies hitting foreign telecoms. "These telecoms had been monitoring the increase in unauthorized calls and they made a projection that if this thing continued to happen at that rate, there would be denial of service. No one in the Philippines would be able to call anyone in the US," he recalls. Ramos said the first police raid concerning phreaking didn’t make the news in 2001 because it involved minors. It was a rude awakening for local law enforcement after seeing that children were being used unwittingly to commit cyber crimes. "We used 200 men—SWAT, PNP, NBI—all fully armed because we didn’t know what we were up against. Even the house was located at a known hotspot of criminal activity. And then when we raided the house, we couldn’t file a case against the suspects; they were 14-year-old kids. In the list of the hottest phreakers in the country, they were at the top," he says. Foreign mastermind After questioning the teenagers, Ramos was convinced that the children were unwitting accomplices of a foreign mastermind. "They didn’t know that what they were doing was illegal. All they knew was they were given instructions to punch these numbers in the computer. They weren’t even paid. It was just for kicks." Ramos says it was the absence of the money trail that bewildered law enforcement at first. Foreign law enforcers would later reveal that the syndicate was wiring money to local hackers in the Philippines to continue the phreaking operation. Police made subsequent raids against suspected syndicate members in the following years, but it was in March 2007 that the police was able to dismantle the core group. Twenty-four Jordanian nationals of Palestinian descent and seven Filipinos were arrested in separate raids in Caloocan, Valenzuela, Parañaque, and Las Piñas. Ramos says telecom companies lost an estimated $350 million in stolen revenue as a result of the phreaking syndicate. He says police investigation of the phreaking case is still ongoing. "We know it is being done by a foreign group. There are still phreaking activities happening here but they’re minor, it’s not as big as before," he says. Police said there are at least 100 Manila-based hackers in the phreaking syndicate composed of Filipinos, Palestinian-Jordanian nationals, Pakistani nationals, and Italians with Middle East origins. Bad for e-commerce Abe Olandres, a tech blogger, says one security threat that law enforcers should focus on is the stealing of passwords and credit card information from online users. This, he says, is the reason why e-commerce rollout in the Philippines remains slow. YES Limited, a Hong Kong-based IT company launched in 2003, was victimized by credit card fraud, which led to the arrests of several suspects. YES Limited allows overseas Filipinos to send money to their loved ones in the Philippines by creating an online account in their Yespinoy.com website, which is then topped up with funds from a credit card. The relative of the overseas Filipino can withdraw the money using a Smart Money ATM card. YES Limited monitored that a number of Yespinoy.com members were sending money to just one account. Money from the account was later withdrawn from an ATM in Quezon City. When contacted, the Yespinoy members denied sending any money to the account, while others denied registering for membership in the site. The company contacted the National Bureau of Investigation (NBI), which conducted an entrapment operation, netting two suspected credit card fraudsters using stolen account information. Olandres says www.godaddy.com, an Internet domain registration site, refused to service the Philippines four years ago because of the high incidence of credit card fraud and malicious attacks by local hackers. He said the site had to resort to manual checking of users who wanted to register domains. Private help needed He says that while the E-Commerce Law was passed in 2001, none of the proposed bills on cybercrime have moved. "Congress has to act quickly because computer crimes are becoming more complicated. It’s counterproductive to have all this progress without the legislation needed to protect online users," he says. Ramos says there is also a need to equip law enforcers to go after cyber criminals. He says only a few units under the PNP and NBI are dedicated to fighting computer crime. "You cannot centralize the skills, the knowledge. We have to spread the knowledge about how cyber crime works. That way, people would be able to see when it’s happening and report it," he explains. He also lauds the private sector, particularly the IT community, for helping law enforcers in pursuing criminals in cyberspace. "Government does not have all the resources and skills. That is why it is a must that we work together with the private sector. We have to build a network of friends in the IT industry and we need an organized system that would help in the free flow of information between the private sector and the government units handling cyber crime," he says. _______________________________________________ Attend Black Hat USA, August 2-7 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 40 hands-on training courses and 80 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 50 nations. Visit product displays by 30 top sponsors in a relaxed setting. http://www.blackhat.com
This archive was generated by hypermail 2.1.3 : Thu Jun 05 2008 - 00:46:27 PDT