Thursday, April 06, 2006

On Guard: Understand the Limits of Catching Cybercriminals to Protect Your Business

Federal law enforcement officials may be cracking down on Internet thieves, but they have their work cut out for them.

Cyber criminals are trading customer bank account details, social security numbers and e-mail access and there seems to be little that law enforcement officials can do to stop it, according to Tom Zeller Jr.’s article in The New York Times, “Countless Dens of Uncatchable Thieves”.

Zo0mer, the codename of Russian Sergey Kozerey, has been wheeling and dealing in the personal details of others for profit. He brags in one Internet forum that his prices are lower than other vendors and he’ll “deliver them in real time”.

Another hacker offers complete access to his nameless victims’ credit card accounts while others trade in bank passwords and pin numbers, viruses and phishing scams.

Although some Americans were recently arrested, including 17-year old Hunter Moore and Virginia Tech student Benjamin W. Pinkston for identity theft, the Secret Service believes they are minor league compared to the well organized international criminal enterprises in the global data trade. Russia and Eastern Europe sit at the top of the stolen data sector.

Despite well-publicized crackdowns such as Operation Firewall and Operation Rolling Stone, these busts have had little impact on the global market.

One of the more impressive busts netted an American, 22 year old Douglas Cade Harvard, who used contacts with the Russian underworld and the help of a Scottish accomplice to steal $11 million in two years. One scam involved encoding stolen account numbers onto blank cards. The American and Scottish criminal duo withdrew more than $1.3 million from Western banks over a 10-month period. They received the account data from Russian contacts and kicked the majority of funds back to them. The Russian hackers remain at large.

One of the biggest challenges to netting cybercriminals is getting the cooperation of foreign countries.
Officials have to navigate a web of global treaties and rights to privacy in releasing information to foreign law enforcement officials, says Gregory Crabb, an investigator with the United States Postal Inspection Service and the economic crimes division of Interpol. That’s after banks and credit card companies admit they have a problem rather than hushing it up to avoid the publicity. Even when these obstacles are overcome, there is still the challenge of getting the cooperation of foreign investigators.

If you take every precaution to ensure that your clients’ sensitive information is protected and secure and are sensitive to the dangers of cybercrime, you will build a stronger business.

No comments: