FBI warns companies about organized hacker attacks


2.48 p.m. ET (2005 GMT) March 8, 2001 By D. Ian Hopper, Associated Press

WASHINGTON (AP) - Organized hacker groups, primarily from former Soviet countries, are responsible for recent increases in credit card thefts and extortion attempts, the FBI said Thursday. It said e-commerce companies should be more vigilant in protecting their customers' credit card numbers.

Investigators at the National Infrastructure Protection Center, the FBI's cyber crimes arm, cited an increase in thefts of credit card numbers and a similar increase in the fraudulent use of credit cards in Russia.

"The investigations have disclosed several organized hacker groups in eastern Europe, specifically Russia and the Ukraine, that have penetrated U.S. e-commerce computer systems," the FBI said.

More than 40 companies in 20 states have been identified as targets, the FBI said, with more than a million credit card numbers stolen.

The hackers are using well-known holes in their targets' Web sites and transaction software, and the infrastructure center is asking companies to patch holes more quickly.

It is a hassle for customers to change their credit cards after they have been used on compromised e-commerce sites, but companies are even more at risk, security experts say.

Individual liability is capped by law at $50 if fraudulent charges are made on a card, but a company loses consumer confidence and almost assuredly loses the business of the stolen card's holder.

"E-commerce sites have got to realize that they are fiduciaries of other people's information," said Mark Rasch, legal counsel for Predictive Systems, a computer networking firm. "They've got credit cards, names, addresses and buying habits. They have to take that responsibility more seriously."

NIPC director Michael Vatis said in January that the bureau periodically sees organized criminal groups make extortion demands related to hacker attempts. It is not known if any of the criminals are sponsored by a government, although that possibility is part of the FBI's investigation.

In December 1999, a hacker claimed to have stolen the card numbers of 300,000 CD Universe customers. The hacker, using the name Maxim, said he was a 19-year-old from Russia. He released thousands of the numbers when the company refused to pay a $100,000 ransom.

Western Union shut its Web site for five days in September 2000 after hackers stole the card numbers of more than 15,000 customers.

Last December, another Russian hacker stole more than 55,000 cards from creditcards.com, which processes transactions for online merchants. About 25,000 card numbers were posted online when a $100,000 extortion demand was ignored.


On the Net: National Infrastructure Protection Center: http://www.nipc.gov

-- Martin Thompson (mthom1927@aol.com), March 08, 2001


FBI Uncovers 'Largest Ever' Organized Hacker Attack

By David McGuire, Newsbytes, WASHINGTON, D.C., U.S.A., 08 Mar 2001, 4:43 PM CST

Exploiting a known Windows NT security flaw, an Eastern European organized crime outfit has stolen credit card and other data from at least 40 domestic e-commerce and e-banking sites, the FBI said today.

It is, in the words of one security expert, the "largest criminal Internet attack to date."

Although the FBI is not in the habit of releasing information about ongoing cases, FBI spokesperson Debbie Weierman said the agency made an exception in this case to warn e-commerce sites about the risks.

"As a result of people not heeding (previous) warnings and advisories we have at least 40 victim companies," Weierman told Newsbytes today.

The SANS (System Networking Administration and Security) Institute and the FBI's National Infrastructure Protection Center (NIPC) warned Windows NT users of the security flaw in December, Weierman said, but since that time the Eastern European hacker cabal has added more than a dozen new victims to their tally.

"The bottom line is that the whole purpose of us doing this announcement today is almost (to provide) a public service announcement," Weierman said, adding that until all vulnerable companies download the necessary software patches, the attacks will continue.

SANS Director of Research Alan Paller today also announced the development of a new tool that will allow system administrators to self-diagnose vulnerabilities in their systems.

Developed by the Center for Internet Security, that tool will be made available to "all who need it" on the center's Web site at http://www.cisecurity.org , Paller said.

Details of the hacker attack, including who was targeted and how much was stolen, remain under wraps, but in his statement today, Paller called it the largest Internet attack ever.

Weierman would not comment on that characterization, but did say that the attack was large and organized.

Suspected incidents can be reported online at www.nipc.gov/incident/cirr.htm .


-- Martin Thompson (mthom1927@aol.com), March 08, 2001.
