While cyber crime continued to dominate headlines and wreak havoc on organizations of all sizes across nearly every industry in the first half of 2014, it’s refreshing to note law enforcement also stepped it up. A surge of activity against individuals and criminal organizations occurred, resulting in scores of arrests, indictments and convictions.
According to the new report, “Trends in Cybercrime: A Social Look at the First Half 2014,” published by SurfWatch Labs, law enforcement – and the results of their actions – were a big portion of what people were talking about in the first half of 2014. The SurfWatch Labs report analyzes raw cyber data aggregated from social media, news and blogs, industry-specific data feeds, threat and security information, vulnerability data feeds, and partner and end-user submissions. This raw cyber data is standardized and transformed into CyberFacts, which tell you who’s behind the attack (actor), what they’re targeting (target), what the impact is (effect), and how the attack is being executed (practice).
Despite widespread reporting of arrests and indictments, it is still unclear if increased law enforcement activity will curb hacktivist, cyber espionage and cyber criminal behavior. What is becoming increasingly clear is that the U.S. government is becoming more aggressive in going after cyber criminals and is partnering with other governments in attempts to break up global botnets and prosecute malware creators and those who engaged in espionage.
Jason Polancich, founder and chief architect, SurfWatch Labs, is a serial entrepreneur focused on solving complex Internet security and cyber-defense problems, with more than 20 years of experience as an intelligence analyst, software engineer, systems architect and corporate executive. Prior to founding SurfWatch Labs, Mr. Polancich co-founded Novii Design, which assisted the U.S. intelligence community and Department of Defense in building some of the largest data warehouse and analysis systems ever put into operation within the government and defense contracting sectors.
Notable Examples of Law Enforcement Action
Click through for a closer look at how law enforcement fought back against some of the biggest cyber attacks during the first half of 2014, as identified by SurfWatch Labs.
How law enforcement stepped in
The most discussed cyber practices for law enforcement in the first half of 2014:
- Criminal charges: 78 percent
- Suspected hacker arrested: 15 percent
- Law enforcement intervention: 2 percent
The following slides feature some of the high-profile law enforcement actions in the first half of 2014.
GameOver Zeus
The FBI, international law enforcement organizations and security vendors launched an operation to dismantle the GameOver Zeus botnet and the Department of Justice charged a Russian hacker with operating the botnet.
Blackshades
A joint operation across law enforcement agencies in the U.S., Europe and Asia resulted in dozens of arrests of users of the Blackshades malware.
Nuclear Black Hat
The U.S. government arrested and charged a former U.S. Navy system administrator (who referred to himself as “nuclear black hat”) with conspiring to hack into government systems.
Heartbleed
The Royal Canadian Mounted Police arrested and charged a teenage hacker with the theft of 900 social insurance numbers.
Chinese Military Hackers
The U.S. Department of Justice indicted five Chinese military hackers – who had targeted six U.S.-based nuclear power, metals and solar energy companies – for computer hacking, economic espionage and other offenses.
Timothy French, NullCrew
The FBI and Department of Justice arrested and charged Timothy French, a member of the hacker group NullCrew, for conspiracy to commit computer fraud by posting usernames and passwords online.
Guccifer
A Virginia federal grand Jury indicted the hacker known as Guccifer for breaking into social media accounts of U.S. government officials. The hacker was charged with wire fraud, unauthorized computer access, cyber stalking and aggravated identity theft.
The ‘Lorax’
The Australian government charged Adam John Bennett, a.k.a. the “Lorax,” for hacking into the database of telecommunications company AAPT, and stealing credit card and medicare numbers, addresses and phone numbers.