A massive cyber-espionage and crime crackdown has yielded a 57-person arrest throughout the UK.
Working with partners in law enforcement, industry and government, the National Crime Agency (NCA) coordinated an intensive period of action throughout the country, disrupting 25 separate operations.
The crooks were involved in a wide range of cyber-criminality, including: network intrusion and data theft from multinational companies and government agencies; distributed denial of service (DDoS) attacks; cyber-enabled fraud; and malicious software and virus development.
And it truly is a mixed bag. For instance, in one case, a 21-year-old man was arrested by the NCA’s National Cyber Crime Unit (NCCU) officers on suspicion of a network intrusion attack committed by ‘D33Ds Company’ hacking group, which stole over 400,000 email addresses and passwords from Yahoo! and published them online in 2012.
In another case, a 23-year old man was arrested for a network intrusion in June 2014 on the US Department of Defense (DoD). That operation stole information from the Enhanced Mobile Satellite Services global communication system used by the DoD to communicate with employees internationally. The arrest was made by NCCU officers, supported by West Midlands police.
One man was charged with developing and distributing malware (malicious software), while another is suspected of committing a £15,000 phishing attack—and a 16-year-old was arrested for the use of DDoS attacks believed to target approximately 350 websites.
In the largest bust, 25 suspects in the London and Essex areas were arrested by the Metropolitan Police Fraud and Linked Crime Online (FALCON) unit on suspicion of cyber-enabled fraud offenses, including fraud by false representation, theft and money laundering.
“The 56 arrests around the country this week are a result of the essential partnership activity with law enforcement, industry and government that is at the heart of fighting cybercrime,” said Andy Archibald, deputy director of the NCCU.
He added, “Criminals need to realize that committing crime online will not make them anonymous to law enforcement. We are continuously working to track down and apprehend those seeking to utilize computers for criminal ends, and to disrupt the technical networks and infrastructures supporting international cybercrime.”
The week also involved an initiative to help small and medium enterprises, hosting companies and ISPs identify threats on their infrastructure. Ten Regional Organized Crime Units, Police Scotland and Police Service of Northern Ireland visited approximately 60 businesses, with personalized security data reports, identifying 5,531 compromises on servers within the UK. The compromises could be used to send out spam email, launch attacks against websites or servers, or install phishing websites to gain access to sensitive information.
The NCA estimates that organizations acting on this advice could, among them, clean up to half of the phishing attacks that typically originate from the UK each month.
“A high-end cyber-attack against financial institutions could have a far-reaching impact on our economy,” said the national policing lead for cybercrime, Deputy Chief Constable Peter Goodman. “Small and medium-sized businesses can be bankrupted by a cyber-attack with owners and staff losing their jobs. You could be seriously affected by the publication of your personal information.”
Operational activity took place across England, Scotland and Wales and saw officers deployed from the NCCU, Metropolitan Police and Regional Organised Crime Unit’s (ROCUs) associated with local forces around the UK.