US companies are being warned by the FBI about organised hacker
groups, mainly from former Soviet countries, that are stealing
credit card details and attempting extortion. It is calling for
greater vigilance among e-commerce and e-banking companies.
Over the past several months, the US National Infrastructure
Protection Center (NIPC) has been co-ordinating investigations into
a series of organised hacker activities specifically targeting US
computer systems associated with e-commerce or e-banking.
More than 40 victims located in 20 states have been identified
in ongoing investigations. These investigations have been closely
co-ordinated with foreign law enforcement authorities and the
private sector.
The investigations disclosed several organised hacker groups
from Eastern Europe, specifically Russia and the Ukraine, that have
penetrated US e-commerce computer systems by exploiting
vulnerabilities in unpatched Microsoft Windows NT operating
systems.
Once the hackers gain access, they download proprietary
information, customer databases, and credit card information. The
hackers subsequently contact the victim company through fax,
e-mail, or telephone. After notifying the company of the intrusion
and theft of information, the hackers make a veiled extortion
threat by offering internet security services to patch the system
against other hackers. They tell the victim that without their
services, they cannot guarantee that other hackers will not access
the network and post the credit card information and details about
the compromise on the internet.
Where the victim company has not co-operated in making payments or
hiring the group for its security services, the hackers'
correspondence with the victim company has become more threatening.
Investigators also believe that in some instances the credit card
information is being sold to organised crime groups. There has been
evidence that the stolen information is at risk whether or not the
victim co-operates with the demands of the intruders. To date, more
than one million credit card numbers have been stolen.
The NIPC has issued an Advisory regarding these vulnerabilities
being exploited. The update includes specific file names that may
indicate whether a system has been compromised.
If these files are located on your computer system, incidents
can be reported at www.nipc.gov/incident/cirr.htm