Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Criminal hacker group brought to trial for what may be Sweden’s largest-ever cybercrime fraud

September 2017 by Nixu Corporation

Criminals scammed millions from Swedish companies and authorities by hijacking
computers. As reported widely in Swedish media on Monday September 18, 2017 a criminal hacker league has been charged with one of the biggest IT-based frauds in
Swedish history. What makes the fraud unique is the severity and extent of the
attack; a group of eight criminal hackers from Sweden and Poland has stolen 40
million Swedish kronor from 60 companies, authorities and municipalities; among
the victims are several Swedish financial institutions and a political party.
The preliminary investigation has been limited to SEK 40 million due to the
maximum sentence value, but the scam most likely vastly exceeds that sum.

How the fraud worked and could it have been prevented?

The attackers gained access to the organization’s user IDs and passwords as well
as an understanding of how the organization communicates by utilizing malicious
files and remote administration tools. This information was then used in the
social engineering part of the scam. The add-on of social engineering added to
the success rate where users were tricked into clicking on links and/or
malicious files which enabled the attackers to gain full access and lateral
movement within the victim’s networks.

With the access gained by the criminal activity, attackers were able to redirect
significant amounts of products such as IT equipment to alternative addresses.
The scam pivoted over time to also include actual changes in financial systems
to redirect payments to alternative accounts, hence leapfrogging the logistics
side, transferring cash directly to specified accounts.

Jesper Svegby, CEO of Bitsec, part of the European cybersecurity company Nixu,
comments that the fraud wasn’t very sophisticated technically but it was
advanced in terms of the large scale and strategy. In addition, the attacks
evolved over time to generate even better outcome for the criminals, so there
was a long-term characteristic involved in the attack that lasted over a long
period of time.

According to Jesper Svegby the attacks could have been successfully prevented
and stopped, which was the case in many instances. Operations that had on-site
control features to prevent malicious code and limited access to remote software
had better chances to resist the criminal attack. Furthermore, businesses with a
higher security awareness and incident readiness had better capabilities to
identify the incidents, respond to them and mitigate them.

Cybersecurity calls for new approach throughout the society

The fraud is setting a new trend in terms of IT related crime, two worlds are
converging which has created a significant impact. General company based fraud
generating revenue through fake invoicing, tax fraud has in this case been
merged with the IT-based crime scene by utilizing malware and weaknesses in
systems and procedures to gain access to sensitive systems. The combination has
enabled the perpetrators to manage the entire chain in the fraud in a very
efficient and scalable manner.

"This is a new trend that we have been able to follow closely when supporting
some of the companies exposed to this fraud", says Bitsec CEO Jesper Svegby.

"As society becomes increasingly digital, ensuring effective protection against
this type of crime requires new approaches and structures from various parties
in society. Organizations need to lift their information security to management
and board level. In addition, society must realize its vulnerability and require
more interaction within and between police, prosecutors and companies and
organizations facing cyber-threats", summarizes Jesper Svegby.

The trial is set to begin on September 26th and is scheduled to run for
approximately 55 days. The prosecutor is aiming for the maximum sentence of
eight year’s imprisonment. The preliminary investigation is significant,
involves as many as 13 prosecutors and has produced investigatory material
exceeding 20,000 pages.


See previous articles

    

See next articles


Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts