Cybersecurity can at times be a strange career, one in which good news is sometimes defined as no news, as in: Hooray! We haven’t been hacked today! And some of cybersecurity's good news is bad news for other people, for example: “Teen behind Titanium DDoS Stresser pleads guilty in London”. Yet even some of this good news is hard to enjoy. I would not use “happy” to describe my reaction to that headline; more like "sad" because a young man made some bad choices and recovering from the consequences of those choices will be difficult for him.
Then again, you can also say that one less bad actor active in cyberspace is always good news for all those who spend their time defending information systems. So, at this time of the year, when word of good tidings is either on our minds, or on the radio, or both, I decided to highlight some wins for the good people who are working to keep the bad people in check.
Below you will find 20 success stories in the struggle against cybercrime. They range from indictments to arrests, extraditions to sentencing. These reports are not placed in any particular order or ranking and I have probably missed some cases. I made the URLs explicit so you can see the range of publications now covering these events, and I decided not to comment on each case individually in order to stress their cumulative impact. Taken together they demonstrate the extent to which cybercrime has become a part of modern life and, in turn, an increase in resources devoted to deterring it.
Looking at this list I get the sense that law enforcement efforts in cyberspace bore more fruit in 2016 than in any other year, and that is good news. Here's hoping for an even better year in 2017!
- Hacker Gets 4 Years in Prison for Selling Stolen Bank Accounts on the Dark Web - https://www.bleepingcomputer.com/news/security/hacker-gets-4-years-in-prison-for-selling-stolen-bank-accounts-on-the-dark-web/
- Russian Hacker Suspected in Massive LinkedIn Breach Arrested Overseas - http://abcnews.go.com/US/russian-hacker-suspected-massive-linkedin-breach-arrested-overseas/story?id=42912836
- Joint Cyber Operation Takes Down Avalanche Criminal Network Servers Enabled Nefarious Activity Worldwide - https://www.fbi.gov/news/stories/joint-cyber-operation-takes-down-avalanche-criminal-network
- Feds Accuse Two 19-Year-Olds Of Hacking For Lizard Squad and PoodleCorp - http://motherboard.vice.com/read/feds-accuse-two-19-year-olds-of-hacking-for-lizard-squad-and-poodlecorp
- 2 Israelis arrested for major hacking operation after FBI tip-off - http://www.timesofisrael.com/2-israelis-arrested-for-major-hacking-operation-after-fbi-tip-off/
- The hacker behind world’s largest-ever bank hack arrested in Russia - http://www.techworm.net/2016/10/hacker-behind-worlds-largest-ever-bank-hack-arrested-russia.html
- North Carolina men arrested, charged with hacking senior U.S. officials (Crackas with Attitude) - http://www.cbsnews.com/news/north-carolina-men-arrested-charged-hacking-senior-us-officials/
- Teen Behind Titanium DDoS Stresser Pleads Guilty in London: used to launch over 1.7 million DDoS attacks - http://news.softpedia.com/news/teen-behind-titanium-ddos-stresser-pleads-guilty-in-london-509811.shtml
- Global authorities arrest 34 in DDoS bust; suspects mostly teenagers - https://www.scmagazine.com/global-authorities-arrest-34-in-ddos-bust-suspects-mostly-teenagers/article/578671/
- Police arrested a hacker who allegedly triggered a DDoS attack on the 911 emergency call system - http://www.theverge.com/2016/10/30/13471128/meetkumar-hiteshbhai-desai-arrest-911-exploit
- Accused Pippa Middleton hacker arrested by London police - http://www.today.com/video/accused-pippa-middleton-hacker-arrested-by-london-police-772772931547
- NSA contractor arrested in hacking plot - http://nypost.com/2016/10/05/nsa-contractor-arrested-in-hacking-plot/
- Kennesaw State Student Arrested for Hacking School Computer: Faces up to 15 years in jail - http://www.teenvogue.com/story/kennesaw-state-student-arrested-for-hacking-school-computer
- Three men arrested in connection with mobile handset upgrade fraud enabled by unauthorised access to customer data - http://www.computerweekly.com/news/450403170/Hackers-arrested-in-Three-mobile-upgrade-scam
- Florida Computer Programmer Arrested For Hacking Linux Kernel Organization and the Linux Foundation - https://www.justice.gov/usao-ndca/pr/florida-computer-programmer-arrested-hacking
- FBI Arrests Customer of Xtreme Stresser DDoS-for-Hire Service - https://www.bleepingcomputer.com/news/security/fbi-arrests-customer-of-xtreme-stresser-ddos-for-hire-service/
- Three Romanians indicted in $4 million cyber fraud ring - http://www.cleveland.com/metro/index.ssf/2016/12/three_romanians_indicted_in_va.html (not to be confused with the 3 Romanians extradited to the US in 2013 - https://archives.fbi.gov/archives/newyork/press-releases/2013/three-members-of-international-cyber-fraud-ring-extradited-from-romania-to-the-united-states)
- Suspected JP Morgan hacker arrested after returning from Moscow - http://www.cbsnews.com/news/joshua-samuel-aaron-suspected-jp-morgan-hacker-arrested-after-returning-from-moscow/
- Hacker known as Guccifer sentenced to 52 months in prison - https://www.washingtonpost.com/local/public-safety/guccifer-hacker-who-revealed-clintons-use-of-a-private-email-address-sentenced-to-52-months/2016/09/01/4f42dc62-6f91-11e6-8365-b19e428a975e_story.html
- British booter bandit walks free after pleading guilty to malware sales - http://www.theregister.co.uk/2016/04/11/grant_manser_sold_50k_in_stressers_sidesteps_slammer/
Notes on cybercrime and “the cyber”
The US will inaugurate a new president in January amid an unprecedented level of controversy and concern about what the president-elect once referred to as "the cyber". Amidst all the talk, there is a worrying tendency to bundle cybercrime with other unwelcome activities in cyberspace. Allow me to explain.
As a presidential candidate Mr. Trump talked about the need to make cybersecurity "a major priority for both the government and the private sector" (those words come from the official text of candidate Trump’s speech on cybersecurity, as "prepared for delivery" and archived on the wonderful WayBack Machine). He went on to say:
"Cyber-attacks from foreign governments, especially China, Russia, and North Korea along with non-state terrorist actors and organized criminal groups, constitute one of our most critical national security concerns." [emphasis added]
Unfortunately, while this sounds good, it is not entirely accurate: the three different threats enumerated in that sentence are not one and the same thing, and not all cybercrimes are a matter of national security. To be clear, Mr. Trump is not alone in his conflation of these things, we hear it a lot when government contractors, especially defense contractors, talk about cybersecurity. I agree that all three threats are real, but the response to each needs to be very different, and fighting cybercrime as though it is a matter of national defense makes no sense.
To Mr. Trump's credit, some of those prepared remarks do specifically call for a law enforcement pursuit of criminals in addition to a militaristic response to terrorist and nation state activity in cyberspace. Unfortunately, other remarks return to conflated thinking, lapsing into dogma with which a lot of security professionals would disagree, such as: "We should turn cyber warfare into one of our greatest weapons against the terrorists." Frankly, I don't think that is a good idea, and I'd be happy to explain to the new administration why I think that.