Information Security News mailing list archives
Cyber crime 'holds banks to ransom'
From: InfoSec News <isn () C4I ORG>
Date: Mon, 18 Dec 2000 14:45:27 -0600
http://www.thisislondon.co.uk/dynamic/news/story.html?in_review_id=345095 by Ken Hyder 18 December 2000 A new breed of criminal computer hacker is holding dozens of leading British companies to ransom by stealing confidential customer information and demanding cash in return. Many of the hackers are escaping justice because firms, including major banks, credit card firms and internet traders, want to keep the attacks secret, fearing that any publicity which highlights their vulnerability will undermine customer confidence. One British team of professional hackers, all believed to be aged under 25, has already penetrated some of the country's best-protected computer systems to attempt blackmail. Criminal hackers differ from their amateur colleagues in that the latter will attack big organisations - often hate figures like Microsoft - for the fun of it. But criminal hackers are after money rather than glory. They steal vital information like source codes or customers' details then demand cash - threatening further attacks which could crash computer systems. It is believed that in the past 18 months, more than a dozen corporate computer systems have been hit by one gang alone. Security insiders say that nobody knows just how many big companies have been hit - or how many have secretly paid-off cyber-blackmailers. One senior Scotland Yard detective said: "All too often when big firms are hit, they call in the security experts, patch up the system - and say nothing." The obsessive secrecy also means crucial knowledge about intrusion techniques is often not passed on to other firms who could be next in line as targets. Experts say this vulnerability is providing a major headache for MI5 and its warning systems to protect Britain's critical national infrastructure of utilities like telecommunications, transport, and electricity. Even when police are brought in, criminals can slip the net. A year ago, Scotland Yard began investigating a 10 million cyber-ransom demand on Visa. It is thought that the gang stole source codes and demonstrated the ability to crash Visa's system - which could have cost Visa many millions of pounds. After it called in police at the end of last year, Visa said: "We hardened the system, we sealed it and they did not return. We have firewalls upon firewalls, but are concerned that anyone got in." Today a Visa spokeswoman said: "It's our policy to bring in the police over intrusions like this. We have a very good relationship with the police." Because the firm took civil action against one of the suspects - James Grant, who lives near Elgin in Scotland - detectives were legally unable to use the information gained to bring a criminal case. The civil court order forced Mr Grant to reveal information to Visa investigators. The hackers thought to be behind the Visa attack are still free. ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- Cyber crime 'holds banks to ransom' InfoSec News (Dec 18)
- Re: Cyber crime 'holds banks to ransom' security curmudgeon (Dec 20)