In September, a criminal hacker ring was charged with one of the biggest IT-based frauds in Swedish history. Against this backdrop, new cybersecurity measures, for example raising information security to management/board levels, need to be implemented.
In September, a criminal hacker ring was charged with one of the biggest IT-based frauds in Swedish history. While the method of the crime wasn’t sophisticated, dozens of companies were victimized and saw nearly US$5 million stolen. Against this backdrop, new cybersecurity measures, for example raising information security to management/board levels, need to be implemented to better protect enterprises and end-user entities.
That was the point raised by
Bitsec, part of the European cybersecurity company Nixu.
Citing Swedish media, Bitsec noted that the fraud was the largest of its kind in the history of Sweden, allegedly carried out by a group of eight criminal hackers from Sweden and Poland who stole 40 million Swedish kronor, or approximately $4.9 million, from 60 companies, authorities and municipalities. Among the victims were several Swedish financial institutions and a political party, Bitsec said.
According to the company, the attackers gained access to the organizations’ user IDs and passwords as well as an understanding of how the organizations communicate by utilizing malicious files and remote administration tools. This information was then used in the social engineering part of the scam, whereby users were tricked into clicking on links and/or malicious files which enabled the attackers to gain full access and lateral movement within the victim’s networks. With the access gained by the criminal activity, attackers were able to redirect significant amounts of products such as IT equipment to alternative addresses, and the scam pivoted over time to also include actual changes in financial systems to redirect payments to alternative accounts, hence leapfrogging the logistics side, transferring cash directly to specified accounts, the company said.
Jesper Svegby, CEO of Bitsec, comments that the fraud wasn’t very sophisticated technically, but it was advanced in terms of the large scale and strategy. In addition, the attacks evolved over time to generate even better outcome for the criminals, so there was a long-term characteristic involved in the attack that lasted over a long period of time, he said.
According to Svegby, the attacks could have been successfully prevented and stopped. Operations that had on-site control features to prevent malicious code and limited access to remote software had better chances to resist the criminal attack, and businesses with a higher security awareness and incident readiness had better capabilities to identify the incidents, respond to them and mitigate them, he said.
According to him, the fraud is setting a new trend in terms of IT related crime, two worlds are converging which has created a significant impact, and new approaches for dealing with these types of crimes must be in place. “General company based fraud generating revenue through fake invoicing, tax fraud has in this case been merged with the IT-based crime scene by utilizing malware and weaknesses in systems and procedures to gain access to sensitive systems. The combination has enabled the perpetrators to manage the entire chain in the fraud in a very efficient and scalable manner,” he said. “As society becomes increasingly digital, ensuring effective protection against this type of crime requires new approaches and structures from various parties in society. Organizations need to lift their information security to management and board level. In addition, society must realize its vulnerability and require more interaction within and between police, prosecutors and companies and organizations facing cyber-threats.”