Cybercrime’s Kingpin Nabbed

The indictment this week of 28-year-old American Albert Gonzalez has to be a salutary and sobering warning to business of the need to have a top computer forensics team working on your side. The sheer scale of the global operation that Gonzalez and his two Russian accomplices are alleged to have masterminded is mind-boggling: stealing data from more than 130 million credit and debit cards by hacking into the computer systems of five major companies, including Hannaford Bros supermarkets, 7-Eleven and Heartland Payment Systems, a credit-card processing company. The fact that Gonzalez once worked with Federal authorities is just one of the ironic twists in this tale.

This is not the sort of story The Wall Street Journal enjoys running, but in its August 18 edition it provided all the gory details. Federal prosecutors have charged the threesome with carrying out the largest hacking and identity-theft exploit in US history. Welcome to the reality of today’s cyber world.

The indictment in the New Jersey Federal District Court comes after at least five years of criminal activity that has seen the alleged orchestrator, Gonzalez of Miami – a high-school graduate and self-taught programmer – fall in and out of the federal grasp. Detained in 2003, he was briefly an informant to the Secret Service before allegedly returning to commit even bolder crimes. Authorities have previously claimed he was the ringleader of a data breach that siphoned off more than 40 million credit card numbers from the TJX companies and others last year, costing the parent company of the TJ Maxx retail chain $US200 million. Gonzalez, who is currently in Federal custody in New York, is awaiting trial for alleged efforts to hack into the network of a national restaurant chain, and he also faces charges in Boston on the TJX matter.

The indictment and court documents relating to these pending cases against him portray him as a rising star in the cyber underground. He originally launched what he called “operation get rich or die tryin’”, targeting Fortune 500 companies. Federal investigators say he cut his criminal teeth as a leader of the self-styled Shadowcrew, an online credit hacking ring. In 2004, 26 leaders of this 4,000-strong ring were arrested and convicted. Though he was one of the key leaders, he was not charged when he was detained in 2003 because he had agreed to become an informant. In late 2004, the authorities allowed him to move from New Jersey to Florida, where much of the subsequent hacking took place. He was arrested over the restaurant chain scheme in May last year and has been in detention since then.

When investigators looked into the Heartland Payment Systems breaches, they found that Gonzalez and his Russian conspirators had staged their attack from a network of computers spanning New Jersey, California, Illinois, Latvia, The Netherlands and Ukraine. In the attacks, the trio allegedly scooped up credit and debit card numbers and installed so-called back doors in the victims’ computer systems to enable them to steal more data in the future. They also installed “sniffer” programs to capture card data and send it to hackers, and made extensive efforts to conceal their activities by registering the computers they used under false names and communicating online under a variety of screen names.

Wire fraud, conducted in cyberspace because wire transfers now use networks that connect to the internet, has exploded in recent years. The US Treasury Department has reported that of the more than 55,000 incidents of wire fraud since 1998, more than half occurred in the past two years.

But wire fraud is only one dimension of the cyberspace threat. If you want to check on your vulnerabilities and whether your business is already being targeted, you’ll need a professional team that can keep you more than one step ahead of the hackers. To do this the experts use sophisticated computer forensics and transactional analysis as well as state-of-the-art laboratory facilities. But it’s the years of experience underpinning this that ultimately count. That’s what allows them to understand and foil the strategies that all hackers resort to. It pays to ensure that anyone like Gonzalez who’s eyeing your business is more vulnerable than you are.
