Cyber crimes are evolving. A lay person can now have a go at hacking with the advent of “attack tool kits” sold in the underground economy servers.
MALAYSIAN Lin Mun Poo did more than get himself arrested when he allegedly hacked into the high security computer networks of the United States’ Federal Reserve Bank (FRB) and the Pentagon’s security contractor.
He put Malaysia on the map of “super hackers”, on par with those from China and Russia, raising concerns from US security and intelligence officials.
“How did a hacker in Malaysia manage to penetrate a computer network operated by the Federal Reserve Bank of Cleveland?” mused MSNBC.com, the website of the giant US cable news network NBC, when the news broke.
“To have the skills to break into highly sensitive systems like that is an impressive level of criminal activity,” MSNBC.com quoted Kurt Baumgartner of Kaspersky Lab, a computer security firm, as saying.
Last Monday, Lin, 32, pleaded not guilty to charges of hacking into the FRB and unlawful possession of stolen credit and debit card account numbers belonging to individuals. He was denied bail.
Little is known of Lin except that he hails from Ipoh where he has a business address. It turns out to be a pub cum karaoke lounge in a commercial district of Ipoh.
Malaysian police say Lin has no criminal record and it appears he commits his cyber crimes outside the country.
“We are working together with our US counterpart to obtain more information of his activities there,” said a senior police source.
Describing Lin as “highly professional”, the source said Lin appeared on US authorities’ radar four years ago – in Thailand where he was alleged to be involved with hacking into US-linked corporations.
Cyber crime has evolved from the past when men and women hacked into computer systems of established entities for their five minutes of fame.
“Cyber criminals used to be after fame. The attacks were noisy, brought down systems and were highly visible,” said Nigel Tan, Symantec Corporation principal consultant for the Asia South region.
Symantec’s Global Intelligence Network has the largest, most sophisticated intelligence network worldwide, processing over eight billion e-mail messages daily and gathering malicious code data from 130 million systems.
Today’s hackers are mainly motivated by money. They move silently across borders in cyber space and the physical world, selling their ill-gotten wares in the underground economy.
“The attacks have now become more silent and they are motivated purely by financial gains. Their motivation is to sell whatever information they get,” Tan added.
Lin was arrested by the US Secret Service on Oct 21 at a diner in Brooklyn after being caught red-handed selling stolen credit card numbers for US$1,000 (RM3,000). He had just arrived a few hours earlier on a flight from Europe.
Secret Service agents seized his heavily encrypted laptop computer and found more than 400,000 credit, debit and bank account numbers which he had allegedly obtained by hacking into various computer systems.
In his post-arrest statement, Lin said the primary purpose of his trip to the US was to meet with an individual whom he believed was capable of regularly providing him with a large volume of stolen card numbers and personal identification numbers.
Credit card information topped the list of goods advertised for sale on the underground economy servers, accounting for 28% of all goods, according to the Symantec Intelligence Quarterly for April-June 2010.
Prices ranged from US$1 (RM3) to US$30 (RM90) depending on three main factors: the amount of information included with the card, rarity of the card type and bulk purchase sizes.
Credit cards that included security features such as CVV2 numbers, PINs and online verification service passwords were offered at higher prices.
The Federal Reserve Bank of Cleveland, Ohio was not Lin’s only victim, as it is alleged that he also breached the computer servers of major financial institutions and companies.
“The defendant possessed data illegally obtained from the computer network of FedComp, a data processor for various credit unions in the United States,” Justice Department prosecutors told US District Judge Dora L. Irizarry in a letter.
By hacking into FedComp, Lin gained access to the data of the Firemen’s Association of the State of New York Federal Credit Union and the Mercer County New Jersey Teachers’ Federal Credit Union, among other victims.
According to the prosecutors, the amount of stolen data found in Lin’s possession is staggering and has led them to describe him as an “extremely sophisticated and dangerous” computer hacker.
It underscored cyber criminals’ single-mindedness in searching and exploiting vulnerabilities in the computer systems of government institutions and corporations.
Lin admitted he made money by “finding and exploiting network vulnerabilities,” or trading and selling the information contained therein, according to the prosecutors.
Symantec warns that it is now easier than ever to launch a cyber attack, thanks to the advent of a so-called “attack tool kit” sold in the underground economy. The attack tool kit is changing the landscape of cyber criminals that was once dominated by IT savvy individuals.
Now anyone can purchase a cyber attack tool kit and use it to launch sophisticated attacks.
“Attack tool kits are easily available on the web for reasonable prices. A tool kit allows people to customise a piece of malicious code designed to steal data and other personal information,” said Tan.
“Such tool kits are easy enough to implement that even people with minimal technical knowledge can use them effectively,” he added.
Two of the most common platforms where such tool kits are sold are the Internet relay chat (IRC) servers (IRC) and web-based forums, according to Tan.
“Both feature discussion groups that participants use to buy and sell fraudulent goods and services.”
For as little as US$5 (RM16) to US$20 (RM63), one can purchase an attack tool kit, he said.
The tool kit is also sold on a monthly basis at a subscription rate of US$120 (RM378). This package comes with technical support.
“The market for these tool kits is now sophisticated enough that updated versions are released on a development schedule, advertising the inclusion of exploits for the latest vulnerabilities while retaining previous exploits,” Tan said.
The lowering of barriers for attackers to enter into cyber crime is reflected in the increase in malicious code that steals confidential information. New malicious codes more than doubled, year-on-year, between 2006 and 2008.
In 2009, it continued the upward trend, reaching 2.9 million, according to Symantec.
Efforts to combat cyber crimes on an international scale are being hampered by the lack of agreement in law enforcement procedures and cooperation across international jurisdictions.
In the meantime, malicious activity is moving to countries with emerging IT and broadband infrastructure.
As a result, it is likely that cyber crime will grow in emerging nations while levels remain relatively constant in established countries.
But from all accounts, Lin is no ordinary hacker. In August 2010, he allegedly hacked into the secure computer system of a major Department of Defence contractor which provides systems management for military transport and other highly sensitive military operations.
The Justice Department said he “potentially compromised” highly sensitive military logistics information.
If convicted, Lin faces a maximum prison sentence of between six-and-a-half years and eight years.
Via TheStar
