Hackers Steal Millions From Accounts – Are You Protected?
An Eastern European cybergang has perfected an emerging form of digital theft to steal millions of dollars from Europe’s carbon registries. Elite cybergangs are gaining deep access to corporate networks and carrying out Ocean’s 11-like capers that are equal parts digital con game and digital burglary.
Security classes such as CISSP, Ethical Hacking, Computer Forensics, and ECSA/LPT may make the difference in whether hackers steal your information and/or assets. Another such gang, for instance, gained recent media attention for its deep access to Nasdaq’s Directors Desk, a cloud-based collaboration service for senior executives. Authorities have released few details. But that gang went undetected for at least a year.
“It’s become very common for advanced groups to be in systems for a year or longer without being detected,” says Kim Peretti, forensics director at PricewaterhouseCoopers. “What’s frightening is their motives aren’t so clear as to what they’re looking for and what they’re trying to do.”
Europe’s carbon registries let companies buy and sell pollution credits. The gang that gamed them put a fresh spin on phishing, the art of tricking users into clicking on a poisoned link. They also tweaked a commonplace tool, called a banking Trojan, used to hijack online accounts, says Uri Rivner, senior researcher at RSA, the security arm of EMC.
Rivner disclosed details at the RSA conference last week. He outlined how the gang impersonated employees charged with buying and selling carbon emission permits. After gathering intelligence about the carbon registries in 25 nations, the gang
From that foothold, the crooks methodically harvested account log-ons and closely monitored trading processes. At the proper moment, someone would log on as an authorized trader, execute a transaction and divert the proceeds into accounts controlled by accomplices.
“Creativity has never been in short supply in the criminal underground,” says Rivner.
In one sting, the gang stole $31 million from a Romanian cement company; in another, they called in a bomb threat to the Czech Republic registry. While the building was cleared, the bad guys exfiltrated $25.6 million. After several other large thefts, the European Commission shut down all the registries in mid-January. Some have been allowed to reopen, but the majority of Europe’s carbon registries remain closed.