Jim Middlemiss, Wall Street & Technology, and George V. Hulme, InformationWeek

Feds Crack Down On Cyberfraud

Authorities nail offenders while the SEC, FTC, and investment firms look for ways to bolster security.

Federal authorities and investment firms are getting serious about Internet-related fraud. Recently, Operation Cyber Sweep, which included 34 U.S. attorneys, the FBI, and various federal, state, local, and foreign law-enforcement agencies, targeted cyberfraudsters and netted 125 arrests and more than 70 indictments.

The operation targeted some of the most common online fraud schemes: identity theft, international money laundering, theft of business trade secrets, auction fraud, Web-site spoofing, and cyberextortion. These schemes involved more than 125,000 victims with losses estimated to exceed $100 million.

In one case, a Pennsylvania man allegedly used a Trojan horse to capture the password of an investor's online account, a stark example of the security scams that investment firms face.

Nineteen-year-old Van Dinh faces criminal and civil securities-fraud charges after he was accused of tapping into a TD Waterhouse account held by a 34-year-old Boston man. Securities and Exchange Commission officials allege the accused used an online stock-discussion forum and encouraged people to download software, which included a Trojan horse. Trojan horses let hackers take over a computer without the user's knowledge.

This is the first case in which a hacker has been accused by the SEC of using another person's account to place trades. The case heightens the growing concern about online commerce. The SEC is so concerned about security and identity theft that it's undertaking a review of procedures and policies that companies have in place, says John Walsh, associate director and chief counsel at the SEC.

The SEC tries to identify best practices and find out which firms are leading and which are lagging, Walsh says. It's also looking to see if an industry standard can provide a benchmark to measure companies' security initiatives.

It's not just the SEC that has its eyes on security. The Federal Trade Commission is examining businesses' representations about how they keep information secure, says Michael Overly, a lawyer at Foley & Lardner, which specializes in financial-services technology and the law.

The FTC recently issued a $12,000-a-day sanction against a retailer, even though there was no breach of information. Instead, the FTC found the retailer's security system didn't live up to its billing and the representations made to customers about protections. That, Overly says, should concern financial institutions, which often tout how secure their systems are.

Regulators' interest in security is just more pressure on IT managers. In the past year, there's been a heavier focus on identity theft, Trojan horses, Web spoofing, and worms. The main change in security is the frequency of attacks, says Robert Garigue, chief information security officer at Bank of Montreal. In the past, he says, there would be one or two security events a year. "You used to fight one battle at a time. Now, the tempo has increased."

For fending off viruses, companies continue to depend on patch management. "Vulnerability management is a large challenge for us," says Lee Ann Summers, head of risk management at financial-services firm ABN Amro. "The problem with the current state of patch management is that it's reactive. When you react all the time, it's hard to maintain a strategic focus."

The bottom line, Summers says, is that companies must react faster and be smarter. "You have to tackle security from a bunch of different fronts and get management support. You need to be creative and use the tools to figure out how to get the best bang for your dollar."

Article originally appeared in InformationWeek, Dec. 1, 2003.
