Thursday, 1 August 2013
US Breaks up Largest Ever Hacker Ring
Officials in the United States have identified four Russians and one Ukrainian in breaking up what has been classified as the largest computer hacker ring ever uncovered to date. All five men have been charged with a variety of crimes that involve stealing data from several prominent American companies.
A sixth man is already serving a 20-year sentence for similar crimes and is believed to be part of this larger plot, though reports haven't said how.
According to investigators, the hacker ring is responsible for stealing more than 160 million credit card numbers over the course of seven years. The information was stolen by hacking into the computer systems of a number of prominent companies including JCPenney, NASDAQ, Hartland Payment Systems, and Dexia Bank Belgium. The thieves used the information to net hundreds of millions of dollars in illegal profits.
Reports say that the three largest targets suffered combined losses in excess of $300 million. It will be some time before investigators uncover the total extent of the damage. It would be no surprise to find total losses 2 to 3 times that number.
The sophisticated ring worked by dividing responsibilities according to each man's expertise. Two of the men were responsible for breaching corporate computer systems to steal the data. A third man specialised in dissecting the data and extracting the valuable information.
The remaining two conspirators also had their own responsibilities: one provided the web hosting services necessary to carry out the attacks while the other sold the stolen data and collected the proceeds for distribution among the group. The complexity and organisation of the hacker ring came as a surprise to investigators.
If nothing else, this story serves as a stark reminder that those of us in the IT industry need to be ever vigilant about security. One of the reasons this ring was able to prosper for so long is the fact that they knew what they were doing. Using encrypted communications and other well-known tactics, the ring was able to cover their tracks for too long a time.
The story should also serve as a wake-up call to government agencies as well. This type of hacking is primarily carried out on commercial enterprises because of the lucrative financial benefits. However, the same tactics could just as easily be used to penetrate government security systems. Important intelligence data could be at risk at any time.
It is hard to imagine that a group of five men could get away with such an incredibly large and complex scheme. But they did nonetheless. The IT world cannot ignore this story as an anomaly, hoping it will go away. Rather, we must increase our efforts to improve network security. The world's economies and security depends on us staying ahead of the criminal element.