Cracking Down on PhishingCross-Border Cooperation Fuels CyberFight
In early July, Ayodeji John Kareem, Vincent Alonge and Babatunde Fafore pleaded guilty before Britain's Snaresbrook Crown Court to phishing attacks they launched to collect banking details from consumers. More than 900 compromised bank accounts and 10,000 credit cards have been connected to the attacks.
According to the U.K.'s Metropolitan Police force, better known as PCeU, Â£599,000 [U.S. $862,000] was stolen, and more than 1,400 credit cards have been confirmed compromised. Losses related to the other 6,000 credit cards connected to the attacks have not been confirmed, but authorities estimate total fraud losses will exceed Â£3.1 million [U.S. $4.46 million].
The prosecutions were among the first in the U.K. to rely on detailed evidence about an organized phishing operation. The three men were arrested in August 2010, after PCeU, the MPS Territorial Support Group and the Irish Guarda SÃochÃ¡na Fraud Investigation Bureau joined forces to catch the cyberthieves.
"Obviously, it makes sense that we're going to start seeing more prosecutions," says online security expert Neil Schwartzman of CASL Consulting. "We're going to see a lot more investigations coming to fruition. We're now in a circumstance, where a decade ago a lot of this same stuff was happening and it was ignored and uninvestigated. ... Now, 10 years later, we're enjoying the benefits of more law enforcement focus on cybercrimes, and international law enforcement is taking cybercrime more seriously."
Cybersecurity: Higher StakesFrom the Federal Bureau of Investigation to Scotland Yard and agencies in Eastern Europe, cross-border collaboration in the fight against cybercrime is becoming more commonplace. [See $72M Bank Fraud Scheme Busted .]
"I think what's happened is that they finally have hired enough resources," Schwartzman says. "In the past, law enforcement agencies did not have resources allocated for this kind of investigation."
Joseph Steinberg, an online cybersecurity expert, says international collaboration, steeper convictions for cybercrimes and government support for the cyberfight are fueling positive progress. "I think there are a couple of trends occurring simultaneously," he says. "The Obama Administration has been pushing for the maximum sentence for computer crimes, which is 10 years. Fifteen years ago, computer crimes were typically committed by kids; today the stakes are much higher, such as national security." [See Obama Vows to Battle Int'l Cybercrime.]
Tom Wills, a fraud analyst with Javelin Strategy & Research, says the federal posture against cybercrime has progressively moved up the chain of command. "Now it's reached the top," he says. "The reason for that is that lower-level initiatives have failed to put a serious dent in the problem. So, we're finally at the level we need to be in order to attack global cybercrime effectively, and the strategy is a sound one."
But coordination among international law enforcement is only part of the solution. "The other is execution [of enforcement], and the jury is definitely out on whether that can be done effectively under public-sector leadership," Wills says. "This is going to be a very hard, uphill fight against highly formidable adversaries."
Everyone with a stake, from government to business to the general public will have to get involved. Steinberg says involvement is moving in a good direction, as the courts, consumers and corporations are more educated about computer crimes and their link to ID theft. "The consequences of computer hacks are much different than they used to be," he says.
According to the Anti-Phishing Working Group, a coalition of global industry leaders, law enforcement and government agencies focused on eliminating identity theft related to phishing attacks, cyberattacks are growing at an alarming rate. In a June survey, APWG found that about one-third of the survey's 270 respondents were repeat victims of phishing attacks. Website security vulnerabilities were cited as being the most common gaps cybercriminals abused.
Of those who had been hit by attacks, about 37 percent said phishing or spoofed sites had been planted on their corporate Web servers at least twice in the past. APWG says organizations are not properly monitoring for anomalous behavior or suspicious traffic patterns that could indicate previously unseen, zero-day attacks.
"Phishers value compromised websites highly because they are much harder for interveners to take down," says APWG Research Fellow Dave Piscitello of ICANN. "They're confident that they'll be able to identify and exploit sites, and do so repeatedly. Victims are not mitigating exploits entirely or are not implementing adequate measures to keep them away."