Five years ago, law enforcement forces were pretty clueless about Cybercrime and online banking fraud. National intelligence bureaus and police departments worldwide experienced a flood of unknown complaints about money going up in digital smoke, and were
absolutely unprepared for the huge task of turning the tables on fraudsters.
But today we’re witnessing a dramatic shift. Highly successful operations, covert investigations, well funded Cyber divisions in national law enforcement agencies, smart and agile police eCrime units fighting local crime, arrests made through international
collaboration, and unprecedented public-private sector information sharing.
Last week I spoke in a panel at the first
Interpol Information Security Conference. It was a very impressive closed forum held in Hong Kong, in which the Interpol, tasked with international law enforcement collaboration, talked about its mission and roadmap on fighting Cybercrime and online fraud.
I told the members that 2010 was the best year ever to be a Cybercriminal, and that everyone in the hall – despite most of the audience being non techies – can be an online fraudster nowadays. But I also commented that for the first time in Cybercrime fighting
history, the tide seems to be turning in terms of global coordination.
Which is evident if you just follow some of the recent victories over Cybercrime gangs.
One of the most spectacular
arrests was that of Vladislav Anatolievich Horohorin, 27, aka BadB, who for years ran successful carding operations as well as administered the notorious Carder Planet website. BadB was charged with organizing the cash-out phase of the highly organized
heist, in which $9.4 million dollars were withdrawn from just 44 cloned payroll plastic cards used in 2100 cash machines in 280 cities, all in 12 hours.
BadB’s arrest reminds me very much of that of
Chao, who was arrested 2 years before as part of the FBI sting operation
DarkMarket.
Both were highly prominent moderators of major English speaking forums; both tried to hide their true nationality by planting various false clues (BadB for years pretended he is a Russian patriot, although he wasn’t a Russian national; Chao who was a Turkish
national gave the impression he’s operating from continental Europe). And both provided the world with hilarious video clip animations (see examples for
BadB and
Chao). Both felt pretty safe and secure behind Internet anonymity, unaware of a massive international collaboration leading to their arrests.
And so, while international virtual gangs continue to coordinate attacks on the financial industry, law enforcement made significant strides to enhance global cooperation. Here are a few additional examples from the past six months:
March 22nd: as part of an earlier part of the heist investigation, Russia
arrested three connected to the RBS Worldpay breach, following a late 2009 arrests made by the FBI and several Eastern European agencies. It’s interesting to
note a growing collaboration between Russian authorities and US/UK law enforcement.
April 6th: 70 Romanian phishers got
arrested in a joint international collaboration of law enforcement.
April 10th: U.S. and international authorities
arrested two Belarusians suspected of operating Callservice.biz, a telephony fraud service that global fraudsters not speaking English, German or Italian hired to call local financial services posing as victims and emptying accounts.
July 28th: FBI, Slovenian and Spanish authorities
arrested operators of the huge botnet Mariposa.
Other international law enforcement agencies stepped up their operations as well: for example, major cyber criminal arrests were made by Scotland Yard in
July and
August; And India also
arrested an online fraudster.
Summary: let us all applaud this unprecedented level of collaboration. It seems like international law enforcement agencies make a genuine effort to join hands in effectively fighting global organized crime rings.