The U.S. District Court for the Northern District of Georgia hasindicted eight Eastern European men for hacking into the computersof Atlanta-based RBS Worldpay and the subsequent theft of millionsof dollars from ATMs around the world.
The indictment accused the eight men of hacking into a computersystem at the U.S.- based payment-processing arm of the Royal Bankof Scotland Group and then allegedly cloning prepaid ATM cards thatauthorities said thieves used to draw cash from over 2,000 ATMs in280 cities around the world within a couple of hours.
Sergei Tsurikov, 25, of Tallinn, Estonia; Viktor Pleshchuk, 28, ofSt. Petersburg, Russia; Oleg Covelin, 28, of Chisinau, Moldova; anda person identified only as “Hacker 3″ were charged in a federalgrand jury indictment for hacking into a computer network operatedby the Atlanta-based credit card processing company.
The 16-count indictment charges Tsurikov, Pleshchuk, Covelin andHacker 3 with conspiracy to commit wire fraud, wire fraud,conspiracy to commit computer fraud, computer fraud, access devicefraud and aggravated identity theft. The indictment states theaccused group used sophisticated hacking techniques to compromisethe data encryption used by RBS WorldPay to protect customer dataon payroll debit cards.
Igor Grudijev, 31, Ronald Tsoi, 31, Evelin Tsoi, 20, and MihhailJevgenov, 33, all of Tallinn, Estonia, were indicted for accessdevice fraud.
The indictment brings to light the growing international nature ofboth hacking and ATM-based crime as well as the relative lack of astrong global response to prevent it. Security experts expect thatas the credit card industry and retailers continue to tighten theirown security, the focus will continue to shift to compromisingpayment networks and the primary hacking conspiracies will continueto be hatched overseas.
“Unfortunately, you have significant populations of younger peoplein both Eastern Europe and Asia who have often had good technicaleducations but who cannot easily find jobs,” observed one expertwho declined to be identified, not having been cleared to speak tothe media. “With time on their hands and a willingness to keeppicking the locks, eventually they will get in,” the expertadded.
Others drew attention to the coordinated nature of the robberyitself. While thieves previously would generally seek to compromisecredit, debit or ATM card numbers in order to sell them, thesethieves not only allegedly stole the card data and made the cardsbut also allegedly coordinated the near simultaneous robberies offinancial institutions through their ATMs.
It is this coordinated sort of looting that experts predict willget harder and harder to prevent unless the industry andgovernments around the world coordinate their responses to thesecrimes.
The RBS WorldPay case provides both an example what can be donewhen such coordination takes place and how comparatively rare itis, some experts said, even as authorities directly responsible forthe indictments celebrated the cooperation that brought themabout.
“Last November, in just one day, an American credit card processorwas hacked in perhaps the most sophisticated and organized computerfraud attack ever conducted,” said Acting United States AttorneySally Quillian Yates of the case when the indictment was announced.“Today, almost exactly one year later, the leaders of this attackhave been charged. This investigation has broken the back of one ofthe most sophisticated computer hacking rings in the world. Thissuccess would not have been possible without the efforts of thevictim, and unprecedented cooperation from various law enforcementagencies worldwide.”
In Washington, Assistant Attorney General of the Criminal DivisionLanny A. Breuer said, “The charges brought against this highlysophisticated international hacking ring were possible only becauseof unprecedented international cooperation with our law enforcementpartners, particularly between the United States and Estonia.Through our close cooperation, both nations have demonstrated ourcommitment to identifying sophisticated attacks on U.S. financialnetworks that are directed and operated from overseas and ourcommitment to bringing the perpetrators to justice.”
At least three of the eight men named in the indictment are fromEstonia. FBI Atlanta Special Agent in Charge Greg Jones said,“Through the diligent efforts of the victim company and multiplelaw enforcement agencies within the United States and around theworld, the leaders of a technically advanced computer hacking groupwere identified and indicted in Atlanta, sending a clear message tocyber-criminals across the globe. Justice will not stop atinternational borders but continue with the on going cooperationbetween the FBI and other agencies, such as the Estonian CentralCriminal Police and the Netherlands Police Agency.”
But the ATM Industry Association, a trade association representingATM deployers, manufactures and networks around the world haveurged greater cooperation and increased penalties for ATM skimmingand other ATM crimes. Skimming is the use of devices at ATMs tocapture users' card and PIN numbers to use to defraud themlater.
In a recent position paper on skimming drew attention to thesteadily increasing global nature of the crime.
“The involvement of organized crime groups in skimming, and othertypes of card fraud, is well-established and pervasive. The U.K.Home Office, in a report, 'Organized crime: revenues, economic andsocial costs, and criminal assets available for seizure', estimatesthat organized crime is involved in 85% of the illicit market foridentity theft and 85% of the illicit market for counterfeitplastic card fraud,” the association said, adding, “proceeds fromskimming crimes are a major revenue source for globalized crimesyndicates.”
The association urged lawmakers around the world to strengthen lawsand penalties against skimming and ATM crime.
–[email protected]