International Information Programs Global Issues | Electronic Communications

09 March 2001

Text: U.S. Warning on European-based Computer Hackers

Groups committing credit card number theft and extortion

More than one million credit card numbers have been stolen by several organized computer hacker groups centered in Russia and Ukraine, according to a March 8 press release from the National Infrastructure Protection Center (NIPC).

The Federal Bureau of Investigation has identified 40 victims in 20 U.S. states in an ongoing investigation, NIPC reports.

E-commerce and e-banking enterprises are targeted by these hackers, according to the release. NIPC is renewing an earlier warning to these organizations to repair a software vulnerability that allows the hackers to gain access to the businesses' computer systems.

The NIPC serves as the U.S. government's focal point for threats or attacks against the nation's critical infrastructures, both public and private. Infrastructure includes telecommunications, energy, finance, water systems, government operations, and emergency services.

Further information describing the technical vulnerabilities of the software targeted is available at http://www.nipc.gov/warnings/advisories/2001/01-003.htm

The following term is used in the text:

Patches: A small addition to the original software code, written to bypass or correct a problem.

Following is the text of the NIPC press release.

U.S. DEPARTMENT OF JUSTICE
Federal Bureau of Investigation

Washington D.C. March 8, 2001

Over the past several months, the National Infrastructure Protection Center (NIPC) has been coordinating investigations into a series of organized hacker activities specifically targeting U.S. computer systems associated with e-commerce or e-banking. Despite previous advisories, many computer owners have not patched their systems, allowing these kinds of attacks to continue, and prompting this updated release of information.

More than 40 victims located in 20 states have been identified and notified in ongoing investigations in 14 Federal Bureau of Investigation Field Offices and 7 United States Secret Service Field Offices. These investigations have been closely coordinated with foreign law enforcement authorities, and the private sector. Specially trained prosecutors in the Computer and Telecommunication Coordinator program in U.S. Attorneys' Offices in a variety of districts have participated in the investigation, with the assistance of attorneys in the Computer Crime and Intellectual Property Section at the Department of Justice.

The investigations have disclosed several organized hacker groups from Eastern Europe, specifically Russia and the Ukraine, that have penetrated U.S. e-commerce computer systems by exploiting vulnerabilities in unpatched Microsoft Windows NT operating systems. These vulnerabilities were originally reported and addressed in Microsoft Security Bulletins MS98-004 (re-released in MS99-025), MS00-014, and MS00-008. As early as 1998, Microsoft discovered these vulnerabilities and developed and publicized patches to fix them. Computer users can download these patches from Microsoft for free.

Once the hackers gain access, they download proprietary information, customer databases, and credit card information. The hackers subsequently contact the victim company through facsimile, email, or telephone. After notifying the company of the intrusion and theft of information, the hackers make a veiled extortion threat by offering Internet security services to patch the system against other hackers. They tell the victim that without their services, they cannot guarantee that other hackers will not access the network and post the credit card information and details about the compromise on the Internet. If the victim company is not cooperative in making payments or hiring the group for their security services, the hackers' correspondence with the victim company has become more threatening. Investigators also believe that in some instances the credit card information is being sold to organized crime groups. There has been evidence that the stolen information is at risk whether or not the victim cooperates with the demands of the intruders. To date, more than one million credit card numbers have been stolen.

The NIPC has issued an updated Advisory 01-003 at www.nipc.gov regarding these vulnerabilities being exploited. The update includes specific file names that may indicate whether a system has been compromised. If these files are located on your computer system, the NIPC Watch in Washington D.C. should be contacted at (202) 323-3204/3205/3206. Incidents may also be reported online at www.nipc.gov/incident/cirr.htm. For detailed information on the vulnerabilities that are being exploited, please refer to the NIPC Advisory 00-60, and NIPC Advisory 01-003.

end text


This site is produced and maintained by the U.S. Department of State. Links to other Internet sites should not be construed as an endorsement of the views contained therein.

